The Indian Computer Emergency Response Team or CERT-In has issued a high severity warning for iPhone and iPad users due to vulnerabilities that could allow a hacker to make your device stop working, access sensitive information, and get around security measures.
CERT-In or the Indian Computer Emergency Response Team, has issued a high severity for Apple iOS and iPad OS devices. The warning was issued on March 15 and is listed on the official CERT-In website. As per the warning, multiple vulnerabilities were found in Apple iOS and iPadOS, which can possibly let someone attack the system to make it stop working, run any code they want, access sensitive information, and get around security measures.
The vulnerability can “allow an attacker to trigger denial of service condition, execute arbitrary code, sensitive information disclose and bypass security restrictions on the targeted system”, read the CERT-In website.
The security flaw impacts iOS and iPadOS versions earlier than 16.7.6 for devices like iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation. It also affects versions before v17.4 for devices like iPhone XS and newer, iPad Pro 12.9-inch 2nd generation and newer, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and newer, iPad Air 3rd generation and newer, iPad 6th generation and newer, and iPad mini 5th generation and newer.
As per CERT-In the issues in Apple’s iOS and iPadOS have been caused because of “improper validation” in Bluetooth, libxpc, MediaRemote, Photos, Safari & WebKit parts. There are also privacy problems in ExtensionKit, Messages, Share Sheet, Synapse & Notes parts. Another problem is that ImagelO can get too full, and the kernel & RTKit parts can have memory mistakes. Safari Private Browsing & Sandbox have a logic issue, while Siri has a lock screen problem, and CoreCrypto has a timing problem.
You can take several steps to protect your devices from such vulnerabilities.
Update software: Ensure that your Apple iOS and iPadOS devices are running the latest versions. Manufacturers often release software updates to fix security issues, so regularly check for and install updates.
Install security patches: Apply any security patches provided by Apple specifically to address the vulnerabilities mentioned by CERT-In.
Use secure connections: Avoid connecting to unsecured or public Wi-Fi networks, as they can increase the risk of unauthorized access to your device.
Enable Two-Factor Authentication (2FA): Adding an extra layer of security like 2FA can help prevent unauthorized access even if someone gains access to your credentials.
Be cautious with downloads: Only download apps and software from trusted sources such as the Apple App Store. Avoid downloading apps from unknown or suspicious sources.