Govt Body Flags High-Risk Vulnerabilities For iPhones, iPads In India; Here's What To Do Next

JE Technology Desk: Apple iPhones and iPads are popular among gadget buyers in India because of their durable build quality and long-term software support. However, this does not make them a perfect choice for users because the Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology (MeitY), Government of India, recently conveyed multiple vulnerabilities in iOS and iPadOS that could have been exploited in the wild by hackers.

According to the portal, these vulnerabilities having a 'high' severity rating could have allowed attackers to execute "arbitrary code" on a target device. In case a bad actor successfully exploited them, it could have led to seepage of the device access in their hands, according to India Today.

Also Read: iPhone Cyberattack Alert! This Text On iMessage Can Take Full Control Of Your iOS Device

These vulnerabilities are primarily a result of "improper input validation in Kernel [the core of the operating system]; improper checks or improper state management issues in WebKit [Apple's custom browser engine for Safari browser]."

This warning comes a day after the rollout of iOS/iPadOS 15.7.7 and iOS/iPadOS 16.5.1 on select old Apple devices.

iOS and iPadOS Vulnerabilities: Affected Software

iOS/iPadOS versions before 16.5.1 available on "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)" and iOS/iPadOS versions prior to 15..7.7 that were available for "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later," were affected.

"An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7," Apple support page states as the impact of the Kernel vulnerability. Similarly, the WebKit flaw could have processed "maliciously crafted web content," leading to code execution.

According to the Apple document, these security issues were discovered by Kaspersky researchers and an anonymous researcher.

Apple Software Vulnerabilities: How To Be Safe?

Users are advised to download the latest software available for their device and install the security patch at the earliest.