Srinagar: The Central government has issued an extreme warning to Apple customers about a new security flaw that might let intruders take over their gadgets. The WebKit browser engine, which is used by Safari and other browsers, has a vulnerability.
Apple devices like the iPhone and iWatch include it.
The Ministry of Electronics and Information Technology’s Indian Computer Emergency Response Team has issued a warning regarding a number of vulnerabilities that could enable an attacker to run arbitrary code, gain elevated privileges, or get around security measures on the target system.
It is the primary institution in charge of addressing dangers to internet security including hacking and scams. It improves the Indian Internet domain’s security safeguards.
These flaws are present in Apple products as a result of errors with the Webkit component, the Kernel, and the security component’s certificate validation. According to the CERT-IN release, “An attacker could exploit these vulnerabilities by sending specially crafted requests.”
By luring users into visiting a rogue website or opening a malicious attachment, attackers might take advantage of the vulnerability.
If the assault is successful, the attackers might access the user’s private files and information, and they could even be able to infect the user’s device with malware.
Due to problems with certificate validation in the security component, the Kernel, and the WebKit component, Apple devices are susceptible to these vulnerabilities.
By submitting a request that is well written, an attacker might take advantage of these weaknesses.
These flaws might allow an attacker to override security measures on the targeted system or run arbitrary code, giving them greater access privileges.
Users should immediately upgrade their devices to the most current watchOS, tvOS, and macOS versions if they wish to safeguard their data, advises the national nodal body that oversees cybersecurity-related issues across several releases.
Attackers could be able to access Apple watches, TVs, iPhones, and MacBooks if software weaknesses are not fixed.
The required updates from Apple are also available on the official website, cert-in.org.in, to resolve this problem.
Apple macOS Monterey versions prior to 12.7, Apple macOS Ventura versions prior to 13.6, Apple watchOS versions prior to 9.6.3 and 10.0.1, Apple iOS versions prior to 16.7 and iPadOS versions prior to 16.7, Apple iOS versions prior to 17.0.1 and iPadOS versions prior to 17.0.1, and Apple Safari versions prior to 16.6.1 are all on the list of affected software.
