Centre's warning on Apple iPhones and iPads shouldn't be ignored

The Centre has issued a warning to select Apple users, stating that it is susceptible to multiple attacks due to multiple vulnerabilities. The Computer Emergency Response Team (CERT-IN), which comes under ministry of electronics and information technology, has issued a high severity warning.

In an advisory, CERT-IN stated that multiple vulnerabilities have been reported in Apple products which could allow an attacker to 'gain elevated privileges, execute arbitrary code, disclose sensitive information and bypass security restriction on the targeted system.

According to the computer response team, the vulnerabilities exist in Apple products due to logic issues in Safari extensions, ATS, Maps, Package Kit and shortcuts components, buffer overflow issue, out of bounds read issue and improper UI handling issue in WebKit component among others are impacting the Apple devices.

Besides this, memory corruption issue in Media Library component and improper checks issue in contacts component are some of the vulnerabilities. The advisory states that a remote attacker can exploit these vulnerabilities by persuading the victim to open a specially crafted file or application.

Which softwares are affected

- Apple iOS version prior to 16 for iPhone 8 and later models

- Apple iOS and iPadOS version prior to 15.7 for

1. iPhone 6s and later

2. iPad Pro (all models)

3. iPad Air 2 and later

4. iPad 5th generation and later

5. iPad mini 4 and later

6. iPod touch.

According to the advisory, the Apple laptops which are running on MacOs Monterey version prior to 12.6, MacOs Big Sur version prior to 11.7 and Apple Safari version prior to Safari 16 are also among those affected.

Solution

The government has advised the Apple users to carry out appropriate software updates.