Indian government issues critical warning for Apple iPhones and iPads
What's the story
The Indian Computer Emergency Response Team (CERT-In) has sounded alarm bells for iPhone and iPad users, citing detected vulnerabilities.
These security loopholes could potentially leave Apple devices open to cyber-attacks.
In addition to the iPhone and iPad vulnerabilities warning, CERT-In has also issued a high-severity alert specifically for the Safari browser found on various Apple devices, including iPhones, iPads, and Macs.
Detected flaws
Vulnerabilities impacting Apple devices
The advisory from CERT-In, coded as CIVN-2024-0090, details how these vulnerabilities could enable a hacker to instigate a denial-of-service condition, run arbitrary code, reveal sensitive data, and sidestep security measures.
The problem stems from inadequate validation in several files, including Bluetooth, MediaRemote, Photos, Safari, and WebKit.
Other contributing elements include privacy concerns, buffer overflow issues, memory corruption, and timing side channel glitches.
Affected devices
Which Apple devices are in danger?
The report suggests that older iPhones and iPads operating on software versions earlier than 16.7.6 might be vulnerable.
The affected models include iPhone 8 series, iPhone X series, iPad 5th generation models, and certain iPad Pro models.
Furthermore, newer devices running on iOS and iPadOS 17.4 including the latest iPhone 15 series, iPhone 14 series and recent generations of iPads may also be prone to these vulnerabilities.
Insights
Safari browser also receives high severity warning
The report highlights multiple vulnerabilities in Safari browser due to state issues along with improper handling of web content and inadequate enforcement of content security policies.
These vulnerabilities affect Safari versions earlier than 17.4 and could potentially allow an attacker to bypass security measures, gain access to sensitive information, or even cause a denial-of-service condition on the targeted system.
Protective measures
How to shield against identified vulnerabilities
To protect against these security risks, users must update their iPhones and iPads to the most recent version.
Those with older devices that are not compatible with new updates may need to consider an upgrade
Other recommended safety measures include installing security patches, using secure connections, enabling Two-Factor Authentication (2FA), and downloading apps from trusted sources.