New Delhi :
Recently, the national nodal agency that oversees cybersecurity-related issues, CERT-In (Indian Computer Emergency Response Team) has issued medium to high-severity warnings to Apple users in India.
Apple Issuing High-Severity Warnings
They have found vulnerabilities on Mac PCs, Watches, and Apple TVs that might give the attacker “access to sensitive information” if exploited.
To avoid this, the agency within the Ministry of Electronics and Information Technology (MeitY) advises users to update the software versions immediately.
Apple has recently released software updates for iPhones and iPads that appear to be low on features but are critically important from a security standpoint.
Apple Released Critical Updates for Security
On Friday, Apple began rolling out the latest updates, iOS 14.6.1 and iPadOS 14.6.1.
It is highly recommended for Apple users to install these updates on their iPhones and iPads as soon as possible in order to safeguard their devices from potential attacks.
According to the official release note, Apple stated that these updates address two security vulnerabilities that “may have been actively exploited.”
It should be noted that Apple does not disclose security issues until conducting extensive research, both internally and in collaboration with cybersecurity experts.
To put it simply, if Apple announces a security flaw publicly, and labels it as a “Critical Vulnerability,” it is important to install the fix as soon as it becomes available.
Security Flaws
The latest updates have addressed the security vulnerabilities identified as CVE-2023-28206 and CVE-2023-28205. A cybersecurity expert associated with Amnesty International has identified the first vulnerability, which could provide kernel privilege to a malicious actor.
An important point to consider is that a vulnerability of such magnitude can pose a significant threat.
Essentially, the vulnerability enables a hacker to execute malevolent code at the most basic level of an operating system, causing mayhem by taking advantage of root access, exploiting code vulnerabilities, and gaining diverse degrees of control over the affected device.
The second vulnerability impacts the WebKit engine that manages Apple’s web browser and could potentially permit remote code execution.
As a result, a malicious entity could remotely execute harmful code on the targeted device, with the objective of stealing sensitive data, for instance.
Security Patch Release
Thankfully, Apple has at last issued a remedy for both vulnerabilities, which impact iPhone 8 (and later models, such as the iPhone 14) as well as the third-generation iPad Air, fifth-generation iPad, and fifth-generation iPad mini, along with their corresponding successors.
Regarding older iPhones and iPads, Apple issued updates to iOS 15.7.5 and iPadOS 15.7.5 on Monday.
MacBook users should also take note, as Apple has launched macOS 13.3.1, which contains fixes for the same vulnerabilities referenced earlier.
iOS 16.4.1 Updates
If you have not yet installed the updates for iOS 16.4.1 and iPadOS 16.4.1, you can easily do so by following the steps below.
Go to Settings > General > Software Update.
It is important to mention that the most prudent course of action is to activate automatic updates on your iPhone or iPad. Let’s walk through the steps to enable this feature.
- Open the Settings app
- On the home page, tap on General, followed by Software Update.
- The page will show the status of Automatic Updates.
- If it is disabled, tap on it and enable the toggles that will make sure your phone downloads and also installs all the software updates automatically.
So why wait! go forth and update your iPhone, iPad, or MacBook!
