Microsoft recently released a new version Apple Update iCloud for Windows users. The update brings some new improvements like iCloud Photos integration in the Windows Photos app. However, the Computer Emergency Response Team of India (CERT-IN) recently issued a warning to Apple iCloud for Windows. The government agency has classified this vulnerability as ‘high severity’ and has reported that it could allow an attacker to disclose sensitive information, execute arbitrary code, or bypass restrictions. security mechanism on the targeted system.”
Who is affected?
According to the report, users using Apple iCloud for versions of Windows prior to January 14 are affected by the newly found vulnerabilities.
What the government has said
According to the report, “Multiple vulnerabilities have been reported in Apple iCloud for Windows, which could allow an attacker to disclose sensitive information, execute arbitrary code, or bypass security restrictions on a system that is known to be compromised.” targeting”.
Here are the vulnerabilities found: CVE-2022-46693, CVE-2022-46692 and CVE-2022-46698.
Why do these holes exist?
According to CERT-In, these vulnerabilities exist in Apple iCloud for Windows due to “out-of-bounds write issues in ImageIO and logic issues in the WebKit component. An attacker can exploit these vulnerabilities by executing a specially crafted application.”
The government agency has also clarified that successful exploitation of these issues could allow attackers to reveal sensitive information and also execute arbitrary code.
What is the solution and how to update Apple iCloud for Windows
According to CERT-In, users using Apple iCloud for Windows should install the app’s latest available update immediately.
Users can check for the latest update for iCloud for Windows by visiting the Microsoft Store. Click the Store icon and then search for iCloud. Here, check to see if there are any pending updates. If so, click the Update button to download and install the latest version of the app.
Who is affected?
According to the report, users using Apple iCloud for versions of Windows prior to January 14 are affected by the newly found vulnerabilities.
What the government has said
According to the report, “Multiple vulnerabilities have been reported in Apple iCloud for Windows, which could allow an attacker to disclose sensitive information, execute arbitrary code, or bypass security restrictions on a system that is known to be compromised.” targeting”.
Here are the vulnerabilities found: CVE-2022-46693, CVE-2022-46692 and CVE-2022-46698.
Why do these holes exist?
According to CERT-In, these vulnerabilities exist in Apple iCloud for Windows due to “out-of-bounds write issues in ImageIO and logic issues in the WebKit component. An attacker can exploit these vulnerabilities by executing a specially crafted application.”
The government agency has also clarified that successful exploitation of these issues could allow attackers to reveal sensitive information and also execute arbitrary code.
What is the solution and how to update Apple iCloud for Windows
According to CERT-In, users using Apple iCloud for Windows should install the app’s latest available update immediately.
Users can check for the latest update for iCloud for Windows by visiting the Microsoft Store. Click the Store icon and then search for iCloud. Here, check to see if there are any pending updates. If so, click the Update button to download and install the latest version of the app.
