Live
- Mass Kolatam at SVU enters Wonder Book of Records
- Koil Alwar Thirumanjanam on Nov 26
- 16 gold medals, 485 degrees awarded to students
- TBS held Karthika Vana Mahotsav
- 135 newborns and 28 mothers die in 7 months
- Garena Free Fire Max Redeem Codes for Today (November 25): Unlock Free Skins, Diamonds & More
- NCC 2nd officer Narendra Babu secures Best Officer award
- Employees warn government to fulfill demands as KSRTC, BMTC gear up for strike
- Jagan took Rs 1,750 cr bribe from Adani: Anam
- Bhumana Abhinay hoists YSRCP flag at Everest base camp
Warning! Urgent Update Advised for iPhones and iPads with Outdated OS
CERT-In has flagged serious vulnerabilities in Apple's older iPhone and iPad operating systems, prompting an urgent call for users to update their devices to prevent remote attackers from taking control of users' devices.
India's Computer Emergency Response Team (CERT-In) has issued a high-severity warning to Apple users about severe vulnerabilities in several Apple products. The warning was issued in CERT-In vulnerability note CIVN-2023-0303 on October 14, 2023. The note highlights multiple vulnerabilities found in Apple iOS and iPadOS.
CERT-In is an office within the Ministry of Electronics and Information Technology, Government of India. It is a national agency that deals with cybersecurity in India. The government organization regularly monitors the online environment and publishes vulnerability notes that reveal threats throughout cyberspace. In its recent message, CERT-In revealed that the threats associated with these vulnerabilities in iOS and iPadOS devices are significant.
The note highlights these vulnerabilities in Apple iOS and iPadOS that arise from insufficient validation within the kernel component and a buffer overflow issue in the WebRTC component. A remote attacker could exploit these vulnerabilities by sending a carefully crafted request to the target system.
Successful exploitation of these vulnerabilities could grant a remote attacker elevated privileges, allowing them to execute arbitrary code on the target system. A malicious attacker could gain full control of the user's device, creating a significant security risk.
Apple devices affected by vulnerabilities
Apple iPhone and iPad with iOS and iPadOS versions earlier than 16.7.1. The affected software includes versions of Apple iOS and iPadOS before 16.7.1, commonly used on devices such as iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
How to stay safe
To stay secure and address these vulnerabilities, Cert-In recommends users apply the appropriate updates Apple provides in its security updates. Apple already released the fix for the vulnerabilities with Apple security updates: support.apple.com/en-us/HT213972.
In particular, Apple periodically releases patches and updates to address security issues, and it is crucial that users of affected devices quickly install these updates to mitigate the risks associated with identified vulnerabilities. Otherwise, the device could be exposed to potential exploitation by malicious actors.
