January 18, 2008

Update uTorrent to 1.7.6

The staff at What.cd highly recommend that you immediately update to 1.7.6 if you are using the uTorrent client. There is a bug that allows a user (or agency) to remotely crash your client. The uTorrent team state that the flaw also affects all older uTorrent versions, 1.6 and 1.7.x, but they have been quick to respond, releasing a new build, uTorrent 1.7.6 (build 7859), which fixes the issue.

You can read the news story here: http://torrentfreak.com/bittorrent-clients-vulnerable-to-remote-dos-attack-080117/

2008-01-15: Version 1.7.6 (build 7859)
- Change: do not use adapter subnet to identify local peers
- Fix: double-clicking to open items in RSS releases tab
- Fix: remote crash bug (affects all 1.6.x, 1.7.x, and 1.8 builds released to date)
- Fix: limit local peers if disk is congested

There are also reports of PoC code that executes code via the overflow, so this would allow a remote attacker to run code on your machine.

Even if they are unable to execute code, the health of our swarms is highly at risk. Anti-P2P agencies will quite possibly be running bots to crash clients as soon as they can, which could easily be before you've even read this announcement. A very large percentage of all peers on all trackers are running a vulnerable client, and these bots can and will destroy swarms.

It is very likely we will be banning all vulnerable uTorrent clients; the few users we may lose by not allowing 1.6.x will secure the survival of the swarm. As it stands, if users do not upgrade and we continue to allow the flawed versions, a bot run to crash peers on this tracker could easily cut our peers, and even our seeded torrents, in half. To achieve herd immunity we will likely be forced to make this update mandatory, as I know many of you are stubborn about upgrading past the 1.6 series (I too was a 1.6.1 user until now).

You can of course switch to another client altogether. There will be some sites that are slower to allow 1.7.6, but I am fairly sure when I say it will move a lot faster than other whitelistings, and it is quite possible many or most sites will even ban previous versions, as we will have to do if the majority ignore the warning and put our swarms at risk of being DoS'd.
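As an added example (not What.cd's or uTorrent's code), a tracker-side allow-list check of the kind described above: it reads client and version from the Azureus-style peer_id prefix, assuming uTorrent 1.7.6 announces as -UT1760-, and rejects uTorrent builds that are not on the list. Since the peer_id is chosen by the client, this nudges users to upgrade rather than proving which binary is running.

```python
# Added example, not What.cd's tracker code: a whitelist check of the kind
# the announcement describes, keyed on the Azureus-style peer_id prefix
# (uTorrent 1.7.6 announces as "-UT1760-"). The allow list is an assumption
# built from the versions named on this page.
import re
from typing import Dict, Optional, Set, Tuple

# Client code -> versions allowed to announce. Only uTorrent is policed here;
# 1.6.x, 1.7.0-1.7.5 and the 1.8 alphas named on the page stay vulnerable.
ALLOWED: Dict[str, Set[Tuple[int, int, int]]] = {"UT": {(1, 7, 6)}}

# '-' + two-letter client code + three version digits + release tag + '-'.
AZUREUS_STYLE = re.compile(rb"^-([A-Za-z]{2})(\d)(\d)(\d)[0-9A-Za-z]-")


def parse_peer_id(peer_id: bytes) -> Optional[Tuple[str, Tuple[int, int, int]]]:
    """Return (client_code, (major, minor, patch)), or None if not Azureus-style."""
    m = AZUREUS_STYLE.match(peer_id)
    if m is None:
        return None
    code = m.group(1).decode("ascii").upper()
    return code, (int(m.group(2)), int(m.group(3)), int(m.group(4)))


def announce_allowed(peer_id: bytes) -> Tuple[bool, str]:
    """Accept or reject an announce, with the reason the tracker would return.

    peer_id is chosen by the client, so this nudges users to upgrade; it does
    not prove which binary is actually running.
    """
    parsed = parse_peer_id(peer_id)
    if parsed is None:
        return False, "unrecognised peer_id format"
    code, version = parsed
    label = f"{code} {'.'.join(map(str, version))}"
    if code not in ALLOWED:
        return True, f"{label}: no version policy for this client"
    if version not in ALLOWED[code]:
        return False, f"{label}: not on the allow list, upgrade to 1.7.6"
    return True, f"{label}: allowed"


if __name__ == "__main__":
    # Constructed 20-byte peer_ids: 8-byte prefix plus 12 filler bytes.
    for prefix in (b"-UT1760-", b"-UT1610-", b"-UT1800-", b"-AZ2504-"):
        print(prefix.decode(), announce_allowed(prefix + b"x" * 12))
```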

Update from a BMTV sysop (generally the last site to allow new builds):

"I've just added uTorrent 1.7.6 to the allow list after finding out about the Static Overflow.
Vulnerable Systems:
* BitTorrent version 6.0 build 5535 and prior
* uTorrent version 1.7.5 build 4602 and prior
* uTorrent version 1.8-alpha-7834 and prior

There is already code out there to take over an XP machine running uTorrent 1.6."

So don't think we are alone in this.
