Apple users, government has a warning for you

Select Apple devices are susceptible to cyber attacks due to multiple vulnerabilities found in Apple products. The Indian Computer Emergency Response Team (CERT-In) has issued an advisory for Apple users asking them to update their products immediately. “Multiple vulnerabilities have been reported in Apple products which could allow an attacker to gain elevated privileges, execute arbitrary code, disclose sensitive information and bypass security restriction on the targeted system” the agency says in its advisory.

Which Apple products are affected?

In its advisory, CERT-In says that iPhones running Apple iOS version prior to 16 for iPhone 8 and later are affected by these vulnerabilities. The impacted device list also includes iOS and iPadOS version prior to 15.7 for

– iPhone 6s and later

– iPad Pro (all models)

– iPad Air 2 and later

– iPad 5th generation and later

– iPad mini 4 and later

– iPod touch (7th generation)

Apple laptops running macOS Monterey version prior to 12.6, Apple macOS Big Sur version prior to 11.7 and Apple Safari version prior to Safari 16 are also affected, the advisory states.

Why do these vulnerabilities exist in Apple products?

CERT-In says that these vulnerabilities exist in Apple products due to logic issues in Safari Extensions, ATS, Maps, PackageKit and Shortcuts components. Buffer overflow issue, out-of-bounds read issue and improper UI handling issue in WebKit component are also impacting Apple devices.

As per the advisory, out-of-bounds write issue and improper memory handling issue in Kernel component, memory corruption issue in MediaLibrary component and improper checks issue in contacts component are probable reasons for the security loophole.

These vulnerabilities, Apple says, can allow a remote attacker to persuade the victim to open a specially crafted file or application. Successful exploitation of these vulnerabilities could allow the attacker to gain elevated privileges, execute arbitrary code, disclose sensitive information and bypass security restrictions on the targeted system.

What is the solution?

In its advisory webpage, CERT-In has advised users to download appropriate software updates as mentioned in Apple security updates for Safari 16, macOS Big Sur 11.7, macOS Monterey 12.6 and iOS 16.

Catch all the Technology News and Updates on Live Mint.
Download The Mint News App to get Daily Market Updates & Live Business News.

More
Less

Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.

Post your comment

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.