The devices at most risk are older versions of iOS, iPadOS, macOS, and even visionOS for the Vision Pro headset.
India’s cybersecurity agency CERT-In has issued a warning about a “high” severity flaw that allows remote code execution attacks on a wide range of Apple products.
The devices at most risk are older versions of iOS, iPadOS, macOS, and even visionOS for the Vision Pro headset.
Indian Computer Emergency Response Team has shared the details which pointed out that vulnerabilities exist due to issues in various hardware components in Android devices, which include Framework, System, MediaTek components, Widevine, Qualcomm components and Qualcomm closed source components.
It stems from an out-of-bounds write issue in WebRTC and CoreMedia components that enables bad actors to run malicious code on vulnerable devices remotely.
Almost all recent iPhone (8 and later), iPad (5th gen and newer), and Mac laptop/desktop is impacted if not updated, reported the Indian Express.
The Vision Pro is also vulnerable on visionOS versions before 1.1.1. Older iPhones like the 8/X and some older iPads are at risk if they haven’t made the jump to iOS/iPadOS 16.7.7 at minimum.
CERT-In has warned that if left unpatched, these vulnerabilities can let malicious hackers obtain sensitive information, gain special privileges and cause a Denial of Service or DoS attack.
A DoS attack is wherein an hacker makes a machine or a network temporarily inaccessible to the user.
CERT-In has cautioned against vulnerabilities in various Apple devices like iPhones, iPads, PCs, and the Apple Vision Pro. The organization highlights that these vulnerabilities could enable malicious hackers to execute arbitrary code on the targeted system.
In simpler terms, hackers could exploit this flaw to run their own code on Apple devices, potentially accessing private data. Apple has promptly released patches to address these vulnerabilities. To safeguard their devices, all Apple users are advised to download the latest versions of Apple's operating systems.
Google has released a patch to address a vulnerability, and Samsung has also deployed this security update for its users. This means that Pixel phone and Samsung smartphone users can safeguard their devices by downloading the latest OS version. While other OEMs are still pending the Android update release, users can expect it to be available soon, ensuring comprehensive protection across various devices.
Kerala sets up high-power committee to tackle rising infectious diseases
India records gains in maternal and reproductive health: Report
DU releases first PG admission list, allocates over 11,500 seats
UP extends summer vacation in schools till June 24 amid heatwave
Telegram founder questions India’s decision to block platform over NEET concerns
UP extends summer vacation in schools till June 24 amid heatwave
Telegram founder questions India’s decision to block platform over NEET concerns
States offer free bus rides, fare concessions for NEET UG 2026 re-exam candidates
Telegram approaches Delhi HC against block order linked to NEET re-exam
Israel strikes kill 4 in Lebanon as Trump publicly rebukes Netanyahu
Kerala sets up high-power committee to tackle rising infectious diseases
India records gains in maternal and reproductive health: Report
DU releases first PG admission list, allocates over 11,500 seats
UP extends summer vacation in schools till June 24 amid heatwave
Telegram founder questions India’s decision to block platform over NEET concerns
UP extends summer vacation in schools till June 24 amid heatwave
Telegram founder questions India’s decision to block platform over NEET concerns
States offer free bus rides, fare concessions for NEET UG 2026 re-exam candidates
Telegram approaches Delhi HC against block order linked to NEET re-exam
Israel strikes kill 4 in Lebanon as Trump publicly rebukes Netanyahu
Copyright© educationpost.in 2024 All Rights Reserved.
Designed and Developed by @Pyndertech