As many of you noticed in forum discussion there were recently certain vulnerabilities found in old and new versions of uTorrent. The latest version 3.5.3 fixes them but considering its usability problems (that all 3.x versions have to some extent) such as speed or stability issues, many users prefer to use older versions 2.0.4 or 2.2.1 or 3.4.5.

The exploits are divided to 2 groups - exploit of WebUI listening port and incoming connections port. You can and should mitigate the first by disabling WebUI and setting net.discoverable setting to false in uTorrent's settings. Doing these steps prevents majority of harmful action that could be done such as getting access to your PC. The remaining unfixed exploit of incoming port could allegedly make your client crash when someone attacked it, but there reports that even this cannot be replicated so we don't think there is enough reasons or need to ban all older versions of uTorrent.

Be careful about sites that you visit. We can recommend using JavaScript blocking plugins such as NoScript or others and whitelist only trusted sites. This would prevent these exploits and also various other possible online attacks.

If you are using old versions of uTorrent, make sure that you use the latest builds made for that version such as 2.0.4 build 22967 or 2.2.1 build 25302. Do not use other builds of these versions!

You can find more information in this topic