Original Issue Date: August 23, 2021
Severity Rating: HIGH
Software Affected
Apple iCloud for Windows versions prior to 12.5
Overview
Multiple vulnerabilities have been reported in Apple iCloud for Windows which could be exploited by a remote attacker to execute arbitrary code or cause denial-of-service (DoS) conditions on a targeted system.
Description
These vulnerabilities exist due to an error in the ImageIO component or improper bounds checking by the ImageIO component. A remote attacker could exploit these vulnerabilities by persuading a victim to open a specially crafted files on the target system. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause denial-of-service (DoS) conditions on the targeted system.
Solution
Upgrade to Apple iCloud for Windows 11.5 as mentioned in Apple security updates
https://support.apple.com/en-us/HT201222
Vendor Information
Apple
https://support.apple.com/en-us/HT212607
References
Apple
https://support.apple.com/en-us/HT212607
Disclaimer
The information provided herein is on “as is” basis, without warranty of any kind.