Govt issues high-risk warning for iPhone users in India
The Indian Computer Emergency Response Team under the Ministry of Electronics and Information Technology has issued a security warning for iPhone users in India. On its official website, CERT-In notes that old models, including iPhone 6s, iPhone 7 series, iPhone 8 series, and iPhone SE first-gen are vulnerable, while iPad users, including iPad Air, Pro, and Mini, are also advised to update to the latest version of iPadOS.
CERT-In states that the vulnerabilities exist in Apple iOS and iPadOS due to "improper input validation" in Kernel and "improper state management in issues in WebKit. The kernel is the core of any operating system, while WebKit is the core technology behind the Apple Safari browser.
Rating the severity with a "high" warning, the security agency points out that if the vulnerabilities are exploited, the attacker can "execute arbitrary code on the target system," meaning the hacker may even gain control of the device.
The government's warning comes days after Apple started rolling out new iOS updates for iPhones. Apple has released iOS 15.7.7 and iPadOS 15.7.7 updates for iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation). There is also iOS 16.5.1 and iPadOS 16.5.1 updates for iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
Apple's support page stated the vulnerabilities were discovered by researchers at the security firm Kaspersky.
Speaking about the iOS kernel issue, the support page points out, "An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7." About the WebKit issue, the page highlights, "An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.