The Indian Computer Emergency Response Team (CERT-In), a government-mandated information technology (IT) security organisation, has warned Apple users to immediately update their iPhone and iPad devices to the latest software update.
The agency said that both iOS and iPadOS have active vulnerabilities that are “currently being exploited.”
CERT-In has asked Apple users in the country to update to iOS 14.7.1 and iPadOS 14.7.1.
According to the government agency, devices that are affected are iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later and iPod touch (7th generation).
“A vulnerability has been reported in Apple iOS and iPadOS which could be exploited by a remote attacker to execute arbitrary code and gain elevated privileges on a targeted system,” CERT-In said in a statement.
This vulnerability exists in IOMobileFrameBuffer of Apple iOS and iPadOS due to memory corruption issues with inadequate memory handling. "A remote attacker with kernel privileges can exploit this vulnerability using a maliciously crafted application," the agency explained.
Not updating to the latest software versions may allow attackers to gain elevated privileges on a targeted system.
Apple had also warned users that this issue may have been actively exploited.
Meanwhile, the new iOS 14.7.1 also fixes an issue where iPhone models with Touch ID cannot unlock a paired Apple Watch using the ‘Unlock with iPhone’ feature.
(With input from The Times of India)
. Read more on Tech and Auto by The Quint.'Update Immediately': Govt Issues Vulnerability Warning for iPhones, iPads New Karnataka CM Basavaraj Bommai in Delhi; To Meet PM Modi, Amit Shah . Read more on Tech and Auto by The Quint.