Attackers infiltrate malware on PCs unnoticed security hole in iTunes and iCloud for Windows. Even those who have uninstalled the programs long ago could be at risk.
Unknowns have used a security vulnerability in the iTunes and iCloud programs in recent weeks to infect Windows PCs with malware without being noticed.
Vulnerability Affects All iTunes Versions Prior To 12.7.4
A remote, anonymous attacker could exploit multiple vulnerabilities in Apple iTunes to increase their privileges, execute arbitrary code and cause a denial of service. The vulnerability affects all iTunes versions prior to 12.7.4 for the Windows operating systems 7, 8.1 and Windows 10. If the iTunes interface does not appear automatically, call the program and initiate the update manually. To do this, click on the question mark in the menu bar and then on Check for updates. The experts advise that the update should be carried out as soon as possible. Information about the vulnerability is spreading rapidly in circles of cybercriminals.
Vulnerabilities In iCloud Fixed
Completely surprisingly, Apple rolled out an unscheduled update from iOS 12.3 to 12.3.1 last Friday. Experts were surprised that no update of the iTunes or iCloud software for Windows PCs had taken place at the same time as the release of 12.3.
Apple has now made up for this. If you already have iTunes or iCloud installed on your PC, you will find the Apple Update program under the Start menu. If this started, Apple checks its own computer and offers to download iTunes 12.9.5 and iCloud 7.12 if it has not already been done.
Users should install the new version as soon as possible, even if there appear to be no exploits for the fixed security problems.