Finance
The Ministry of Electronics and Information Technology’s Indian Computer Emergency Response Team (CERT-In) has issued a security warning to iPhone users in India, warning that if not mitigated, hackers may get complete control of the device. CERT-In warns on its official website that older versions, such as the iPhone 6s, iPhone 7 series, iPhone 8 series, and iPhone SE first-generation, are also vulnerable. iPad users, including the iPad Air, Pro, and Mini, should also update to the most recent version of iPadOS.
To update your iPhone, open Settings > General > Software update. The same method applies to iPad users as well.
CERT-In states that the vulnerabilities exist in Apple iOS and iPadOS due to “improper input validation” in Kernel and “improper state management in issues in WebKit. The kernel is the core of any operating system, while WebKit is the core technology behind the Apple Safari browser. The security agency points out that if the vulnerabilities are exploited, the attacker can “execute arbitrary code on the target system,” meaning the hacker may even gain control of the device. CERT-In rates the severity with a “high” warning.
The government’s warning comes only days after Apple began releasing fresh iOS versions for iPhones. Apple has issued updates to iOS 15.7.7 and iPadOS 15.7.7 for iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation). iOS 16.5.1 and iPadOS 16.5.1 upgrades are also available for iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later. The flaws were found by experts at the security firm Kaspersky, according to Apple’s help page.
Concerning the iOS kernel vulnerability, the support website states, “An app may be able to execute arbitrary code with kernel privileges.” Apple is aware of a report that this problem was actively exploited against iOS versions prior to iOS 15.7.” The article emphasizes the WebKit issue, saying, “An app may be able to execute arbitrary code with kernel privileges.” Apple is aware of a report that this problem was actively exploited against iOS versions prior to iOS 15.7.”
Source:IT
