The Indian Computer Emergency Response Team (CERT-In), a government office in India under its Ministry of Electronics and Information Technology, has urged iPhone users in the country to update their phones immediately if they do not want hackers to take full control of their devices. Here’s the news story.
CERT-In stated that older models of iPhones, such as the iPhone 6s, iPhone 7 series, iPhone 8 series, and iPhone SE first-gen, are also vulnerable to this security threat, according to the office’s official website.
It added that aside from iPhones, iPads, including iPad Air, Pro, and Mini, are also not free from the attacks, so iPad users must also immediately update their devices to the latest version of iPadOS.
CERT-In said these vulnerabilities are currently occurring in Apple iOS and iPadOS because of improper input validation issues in Kernel and improper state management issues on WebKit.
Kernel is the core of any operating system, while WebKit pertains to the core technology behind the Apple Safari browser.
If iPhone and iPad users fail to take action, CERT-In said that attackers could execute arbitrary code on the target system. In other words, they can fully control the user’s device.
Fortunately, Apple has spoken about this issue and said they are aware of it. On the iOS Kernel issue, Apple’s support page stated, “An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.”
Regarding the issue on WebKit, Apple pointed out, “An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.”
Kaspersky researchers discovered the vulnerabilities. Kaspersky is a multinational cybersecurity and anti-virus provider.
The warning from India’s government came after Apple began releasing new iOS updates for iPhones. These updates include iOS 15.7.7 and iPadOS 15.7.7 for all iPhone 6s and iPhone 7 models, first-gen models of iPhone SE, fourth-gen models of iPad Air and iPad mini, and seventh-gen models of iPad touch.
Furthermore, Apple also released iOS 16.5.1 and iPadOS 16.5.1 updates for iPhone 8 and later, all models of iPad Pro, iPad Air third-gen and later units, iPad fifth-gen and later units, and iPad mini fifth-gen and later units.
So, if you happen to be an iPhone and iPad user in India affected by the vulnerabilities, you won’t lose anything if you follow this advice from the government, right? Update your devices now.
To update your iPhone and iPad, head over to Settings, then to General, then to Software Update.
