Govt cyber security body issues ‘high-risk’ warnings for these Apple users. Know how to fix | #ios | #apple | #iossecurity


Govt cyber security body issues ‘high-risk’ warnings for these Apple users. Know how to fix

The Indian Computer Emergency Response Team (CERT-In), the IT ministry’s national incident response centre for cyber community, flagged several security risks marked ‘high’ risk and ‘critical’ for for Apple users on Wednesday. CERT-In found vulnerabilities in macOS, Apple iOS, iPadOS, Apple watchOS— Apple’s operating systems for laptops, mobiles, iPads and iWatch.

For Apple laptops and desktop users, warnings were issued for those using Safari browser version 15.5 or prior on macOS.

MacOS security risks & how to fix it

In the warnings marked as ‘critical’ for Apple Safari versions prior to Safari 15.5 for macOS, the ministry body said, multiple vulnerabilities were reported in Apple Safari for macOS Big Sur and macOS Catalina which could be exploited by remote attacker to execute the arbitrary code on the targeted system. These vulnerabilities exist in Apple Safari for macOS Big Sur and macOS Catalina due to memory corruption and use-after free within the WebKit component. A remote attacker could exploit these vulnerabilities by persuading a victim to visit maliciously crafted web content. Successful exploitation of these vulnerabilities could allow a remote attacker to execute the arbitrary code on the targeted system.

Related News

Netflix lays off 150 employees amid slow revenue growth

Netflix lays off 150 employees amid slow revenue growth

Saudi Aramcos Q1 profits jump 82 as oil prices surge

Saudi Aramco’s Q1 profits jump 82% as oil prices surge

In order to fix the vulnerabilities, CERT-In suggested users to update with the latest software updates released by Apple as recently as this week

Apple iOS, iPadOS problems & how to fix it

The ministry body also found multiple vulnerabilities in Apple IOS and iPadOS which could be exploited by a remote attacker to execute arbitrary code, bypass security restrictions and cause denial of service condition on a targeted system.

Related News

Apple no longer worlds most valued company This Saudi company is now no1

Apple no longer world’s most valued company. This Saudi company is now no.1

Musk says he would reverse Twitter ban on Donald Trump

Musk says he would reverse Twitter ban on Donald Trump

“These vulnerabilities exists in Apple iOS and iPadOS due to use after free in AppleAVD, WebKit, libxml2 & Kernel component; memory corruption in AppleGraphicsControl, WebKit, I0MobileFrameBuffer, 10SurfaceAccelerator, Kernel, Wi-Fi & GPU Drivers; out-of-bounds write in AVEVideoEncoder; out-of-bounds access in DriverKit; integer overflow in Image10; race condition in 10Kit & Kernel; access issue in LaunchServices; logic issues in Safari Private Browsing & WebRTC; certificate parsing in Security; authorization issues in Shortcuts and improved checks in Wi-Fi & Notes. A remote attacker can exploit these vulnerabilities by persuading a victim to visit a maliciously crafted web content,” it warned.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code, cause denial of service condition and bypass security on the targeted system, it further said.

It further said the vulnerabilities can be secured by getting the latest updates from Apple here

Related News

PLI Scheme Apple on a roll in FY23 Rs 47000 crore of iPhones may be Made in India

PLI Scheme: Apple on a roll in FY23, Rs 47,000 crore of iPhones may be Made in India

Warren Buffets Berkshire sees big drop in first quarter income operating results flat

Warren Buffet’s Berkshire sees big drop in first quarter income, operating results flat

Apple watchOS security risks & how to fix them

CERT-In also issued a ‘high severity’ warning for Apple watchOS used in digital watches of Apple. The vulnerabilities might allow an attacker to execute arbitrary code and bypass security restrictions on the targeted OS. It can be fixed by updating the OS with latest software update issued by Apple here.



Original Source link

Leave a Reply

Your email address will not be published.

twenty one − = eleven