Hyderabad: The Indian Computer Emergency Response Team (CERT-In) on Friday issued a security advisory cautioning users about high-risk vulnerabilities in Apple products, days after a similar warning issued against Samsung Galaxy phones by the agency.
CERT-In, the national nodal agency functioning under the Ministry of Electronics and Information Technology, highlighted multiple vulnerabilities in Apple's iOS, iPadOS, macOS, tvOS, watchOS, and Safari browser. These vulnerabilities could potentially lead to unauthorised access to sensitive information, execution of arbitrary code, bypassing security restrictions, causing denial of service (DoS) conditions, bypassing authentication, gaining elevated privileges, and performing spoofing attacks.
"Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges, and perform spoofing attacks on the targeted systems," read a statement from CERT-In.
How Samsung users were warned? This security advisory followed a similar warning against Samsung Galaxy phones, where CERT-In highlighted vulnerabilities that could enable attackers to bypass security restrictions, access sensitive information, and execute arbitrary code on the targeted system. Samsung Mobile Android versions 11, 12, 13, and 14 were mentioned as being at risk.
“Multiple vulnerabilities have been reported in Samsung products that could allow an attacker to bypass implemented security restrictions, access sensitive information, and execute arbitrary code on the targeted system,” a note issued by CERT-In stated.
Despite Samsung's refusal to comment on the matter, Samsung Security acknowledged the threat and announced the release of security firmware, in collaboration with Google's Android patch, in the upcoming update scheduled for December.
“Samsung Mobile is releasing a maintenance release for major flagship models as part of the monthly Security Maintenance Release(SMR) process. This SMR package includes patches from Google and Samsung,” it stated.
What you need to do? The advisory for both Apple and Samsung products urges users to take immediate action to mitigate the identified risks. Users are strongly recommended to apply security updates immediately to safeguard their devices from potential exploitation of these vulnerabilities. While Samsung has acknowledged the threat and outlined its plan for addressing the issue, Apple's response is yet to come.
A few days back, CERT-In released a security advisory covering Microsoft products. The advisory mentioned vulnerabilities in Microsoft Office, Windows, Azure, Dynamics, and System Center. These vulnerabilities could empower attackers to gain elevated privileges, access sensitive information, execute remote code attacks, perpetrate spoofing attacks, or trigger denial of service conditions.
More from our Apple coverage