INDIA: In a concerning security warning, the Indian Computer Emergency Response Team (CERT-In) has alerted iPhone and iPad users in India about vulnerabilities that could give hackers complete control over their devices.
The warning applies not only to the latest iPhone models but also to older devices such as the iPhone 6s, iPhone 7 series, iPhone 8 series, and iPhone SE first-gen. iPad users, including those with the iPad Air, Pro, and Mini, are also advised to update their devices to the latest version of iPadOS.
The CERT-In has attributed the identified vulnerabilities to “improper input validation” in the Kernel and “improper state management” in issues related to WebKit, the core technology behind Apple’s Safari browser.
The agency highlights that attackers can execute arbitrary code on the target system if these vulnerabilities are exploited, potentially granting them complete control over the compromised device.
Given the severity of the situation, CERT-In has classified the warning with a “high” rating.
The agency has strongly urged iPhone and iPad users to update their devices immediately to address these vulnerabilities. The update process can be initiated by navigating to Settings > General > Software Update on iPhones and iPads.
By following these simple steps, users can protect their devices against potential security breaches.
Apple has already responded to these vulnerabilities by rolling out new iOS updates. Users can update iPhone models such as all iPhone 6s and iPhone 7 models, the 1st generation iPhone SE, iPad Air 2, the 4th generation iPad mini, and the iPod touch (7th generation) to iOS 15.7.7 and iPadOS 15.7.7.
For iPhone 8 and later models, all iPad Pro models, iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later, iOS 16.5.1 and iPadOS 16.5.1 updates are available.
Apple’s support page credits the discovery of these vulnerabilities to researchers at the renowned security firm Kaspersky.
Regarding the iOS kernel issue, Apple’s support page warns, “An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that miscreants may have actively exploited this issue against versions of iOS released before iOS 15.7.”
Given the potential risks associated with these vulnerabilities, iPhone and iPad users in India must take immediate action and update their devices to the latest software versions. By doing so, they can protect their personal information, maintain device integrity, and safeguard against unauthorized access.
Also Read: Apple to Unveil Mixed Reality Headset at WWDC; Will Not Replace iPhone