Not only Apple, government too wants you to update your iPhone and iPad – Times of India
Apple has recently started rolling out iOS 16 and iPadOS 16 update to all the compatible iPhones and iPads. Soon after the rollout, CERT, the government body responsible for pointing out the vulnerabilities across different platforms and services, has highlighted some vulnerabilities regarding the iOS and iPadOS.
The security risk found has been defined as “High Severity” and according to the report, it can allow attackers to exploit vulnerabilities and gain access to the device including security restrictions.
Affected users
CERT has issued the warning for Apple iPhones and iPads running operating systems older than version iOS 15.7.1 or iPad OS 15.7.1. That means, users need to update their devices to at least iOS 15.7.1 or iPad OS 15.7. Do note that, Apple has already rolled out the iOS 16 and iPadOS 16. So compatible devices can be directly updated to the latest versions of the operating system.
What’s the warning
“Multiple vulnerabilities have been reported in Apple iOS and iPadOS which could allow an attacker to execute arbitrary code, bypass security restrictions, information disclosure and cause denial of service condition on the targeted system,” says report.
Why these vulnerabilities exists
Based on the information provided by CERT, these vulnerabilities exist due to “improper memory handling in the Apple Neural Engine, Model I/O and Wi-Fi, a permissions issue in backup, a lock screen issue in FaceTime, improper bounds Checks in Graphics Driver, ppp & kernel, improper checks in image processing & zlib, a memory corruption issue in Kernel, a race condition in kernel, an out-of-bounds write issue in kernel, a logic issue in kernel & safari, a correctness issue in WebKit.”
This allows attackers to execute arbitrary code, bypass security restrictions, information disclosure and cause denial of service condition on the targeted system.
The security risk found has been defined as “High Severity” and according to the report, it can allow attackers to exploit vulnerabilities and gain access to the device including security restrictions.
Affected users
CERT has issued the warning for Apple iPhones and iPads running operating systems older than version iOS 15.7.1 or iPad OS 15.7.1. That means, users need to update their devices to at least iOS 15.7.1 or iPad OS 15.7. Do note that, Apple has already rolled out the iOS 16 and iPadOS 16. So compatible devices can be directly updated to the latest versions of the operating system.
What’s the warning
“Multiple vulnerabilities have been reported in Apple iOS and iPadOS which could allow an attacker to execute arbitrary code, bypass security restrictions, information disclosure and cause denial of service condition on the targeted system,” says report.
Why these vulnerabilities exists
Based on the information provided by CERT, these vulnerabilities exist due to “improper memory handling in the Apple Neural Engine, Model I/O and Wi-Fi, a permissions issue in backup, a lock screen issue in FaceTime, improper bounds Checks in Graphics Driver, ppp & kernel, improper checks in image processing & zlib, a memory corruption issue in Kernel, a race condition in kernel, an out-of-bounds write issue in kernel, a logic issue in kernel & safari, a correctness issue in WebKit.”
This allows attackers to execute arbitrary code, bypass security restrictions, information disclosure and cause denial of service condition on the targeted system.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.