iTunes running on windows operating system has a poor security verification, a group of hackers called “Team DoulCi” created by @AquaXetine and @MerrukTechnolog claim to have found a way to get access to get Apple ID and being able to gain control of devices not able to use Activation Lock
This could cause a greater danger , since a third party can have access to stored passwords and other personal information such as messages sent through iMessage.
This news was first reported by the Dutch website Tweakers and shared a couple of screenshots of what is called Apple’s iCloud activation service.Although, Apple software has been recently fixed, iTunes running on Microsoft operating remains vulnerable. According to Mark Loman, security expert SurfRight, doulCi team has managed to create a fake server, which emulates the Apple iCloud system, tricking the device and authorizing its release. Loman also mentioned that this was could have done on purpose or a error made in order to allow iCloud access to intelligence access.
At this time, it is recommended not to use iCloud on older devices unable to use Activation Lock or public Wi-Fi networks, at least until this issue is fixed.