ETV Bharat / science-and-technology

Apple users warned: Government issues high risk alerts in iOS, after flagging Samsung vulnerabilities

Days after issuing a security advisory cautioning users about high-risk vulnerabilities in Samsung Galaxy phones, Computer Emergency Response Team(CERT-In) has issued a similar advisory for Apple products highlighting multiple vulnerabilities in Apple's iOS, iPadOS, macOS, tvOS, watchOS, and Safari browser, among others. Earlier, Samsung Mobile Android versions 11, 12, 13, and 14 were mentioned as being at risk by the agency.

Few days after issuing a security advisory cautioning users about high-risk vulnerabilities in Samsung Galaxy phones, CERT-In has issued a similar advisory for Apple products highlighting multiple vulnerabilities in Apple's iOS, iPadOS, macOS, tvOS, watchOS, and Safari browser. Earlier, Samsung Mobile Android versions 11, 12, 13, and 14 were mentioned as being at risk by the agency.
Apple smartphones
author img

By ETV Bharat Tech Team

Published : Dec 16, 2023, 10:58 AM IST

Hyderabad: The Indian Computer Emergency Response Team (CERT-In) on Friday issued a security advisory cautioning users about high-risk vulnerabilities in Apple products, days after a similar warning issued against Samsung Galaxy phones by the agency.

CERT-In, the national nodal agency functioning under the Ministry of Electronics and Information Technology, highlighted multiple vulnerabilities in Apple's iOS, iPadOS, macOS, tvOS, watchOS, and Safari browser. These vulnerabilities could potentially lead to unauthorised access to sensitive information, execution of arbitrary code, bypassing security restrictions, causing denial of service (DoS) conditions, bypassing authentication, gaining elevated privileges, and performing spoofing attacks.

"Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges, and perform spoofing attacks on the targeted systems," read a statement from CERT-In.

How Samsung users were warned? This security advisory followed a similar warning against Samsung Galaxy phones, where CERT-In highlighted vulnerabilities that could enable attackers to bypass security restrictions, access sensitive information, and execute arbitrary code on the targeted system. Samsung Mobile Android versions 11, 12, 13, and 14 were mentioned as being at risk.

“Multiple vulnerabilities have been reported in Samsung products that could allow an attacker to bypass implemented security restrictions, access sensitive information, and execute arbitrary code on the targeted system,” a note issued by CERT-In stated.

Despite Samsung's refusal to comment on the matter, Samsung Security acknowledged the threat and announced the release of security firmware, in collaboration with Google's Android patch, in the upcoming update scheduled for December.

“Samsung Mobile is releasing a maintenance release for major flagship models as part of the monthly Security Maintenance Release(SMR) process. This SMR package includes patches from Google and Samsung,” it stated.

What you need to do? The advisory for both Apple and Samsung products urges users to take immediate action to mitigate the identified risks. Users are strongly recommended to apply security updates immediately to safeguard their devices from potential exploitation of these vulnerabilities. While Samsung has acknowledged the threat and outlined its plan for addressing the issue, Apple's response is yet to come.

A few days back, CERT-In released a security advisory covering Microsoft products. The advisory mentioned vulnerabilities in Microsoft Office, Windows, Azure, Dynamics, and System Center. These vulnerabilities could empower attackers to gain elevated privileges, access sensitive information, execute remote code attacks, perpetrate spoofing attacks, or trigger denial of service conditions.

More from our Apple coverage

  1. Apple 'hacking' alerts: Why most politicians in India use iPhones
  2. Govts spying on Apple, Google users via push notifications: US Senator
  3. Apple to upgrade all iPad models in 2024, bring new 12.9-inch iPad Air: Analyst
  4. How to know if your phone is hacked? Here's how you can identify and avoid hacking

Hyderabad: The Indian Computer Emergency Response Team (CERT-In) on Friday issued a security advisory cautioning users about high-risk vulnerabilities in Apple products, days after a similar warning issued against Samsung Galaxy phones by the agency.

CERT-In, the national nodal agency functioning under the Ministry of Electronics and Information Technology, highlighted multiple vulnerabilities in Apple's iOS, iPadOS, macOS, tvOS, watchOS, and Safari browser. These vulnerabilities could potentially lead to unauthorised access to sensitive information, execution of arbitrary code, bypassing security restrictions, causing denial of service (DoS) conditions, bypassing authentication, gaining elevated privileges, and performing spoofing attacks.

"Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges, and perform spoofing attacks on the targeted systems," read a statement from CERT-In.

How Samsung users were warned? This security advisory followed a similar warning against Samsung Galaxy phones, where CERT-In highlighted vulnerabilities that could enable attackers to bypass security restrictions, access sensitive information, and execute arbitrary code on the targeted system. Samsung Mobile Android versions 11, 12, 13, and 14 were mentioned as being at risk.

“Multiple vulnerabilities have been reported in Samsung products that could allow an attacker to bypass implemented security restrictions, access sensitive information, and execute arbitrary code on the targeted system,” a note issued by CERT-In stated.

Despite Samsung's refusal to comment on the matter, Samsung Security acknowledged the threat and announced the release of security firmware, in collaboration with Google's Android patch, in the upcoming update scheduled for December.

“Samsung Mobile is releasing a maintenance release for major flagship models as part of the monthly Security Maintenance Release(SMR) process. This SMR package includes patches from Google and Samsung,” it stated.

What you need to do? The advisory for both Apple and Samsung products urges users to take immediate action to mitigate the identified risks. Users are strongly recommended to apply security updates immediately to safeguard their devices from potential exploitation of these vulnerabilities. While Samsung has acknowledged the threat and outlined its plan for addressing the issue, Apple's response is yet to come.

A few days back, CERT-In released a security advisory covering Microsoft products. The advisory mentioned vulnerabilities in Microsoft Office, Windows, Azure, Dynamics, and System Center. These vulnerabilities could empower attackers to gain elevated privileges, access sensitive information, execute remote code attacks, perpetrate spoofing attacks, or trigger denial of service conditions.

More from our Apple coverage

  1. Apple 'hacking' alerts: Why most politicians in India use iPhones
  2. Govts spying on Apple, Google users via push notifications: US Senator
  3. Apple to upgrade all iPad models in 2024, bring new 12.9-inch iPad Air: Analyst
  4. How to know if your phone is hacked? Here's how you can identify and avoid hacking
ETV Bharat Logo

Copyright © 2024 Ushodaya Enterprises Pvt. Ltd., All Rights Reserved.