India’s Computer Emergency Response Team warns of ‘critical’ security vulnerabilities in Apple devices


If you use an Apple Watch, Apple TV, or Apple Mac, there’s bad news for you. Security researchers have discovered two serious vulnerabilities in these three products that could allow hackers to take control of your devices and use them for malicious purposes.

All three products are extremely popular around the world, not only because of their functionality, but also because being an Apple user is considered a status symbol.

The Apple smartwatch market in India in particular is growing rapidly, with more and more fitness-conscious Indians, and millions of Indians using Apple Watches. The tech giant’s Mac systems and TVs are also highly sought after.

In two advisories released on Thursday and Friday, the Computer Emergency Response Team India (CERT-In), the central cybersecurity agency for India, warned of serious vulnerabilities in these three products.

In Thursday’s advisory, CERT-In warned of multiple vulnerabilities in the Mac operating system, and the vulnerabilities were rated as “critical,” which is the highest rating in the parlance of the Mac. cybersecurity.

“Multiple vulnerabilities have been reported in Apple Mac OS that could be exploited by a remote attacker to execute arbitrary code, bypass security restrictions, and cause denial of service conditions on the targeted system,” the advisory reads.

“Arbitrary code execution” means that an attacker could execute any command or code of their choosing on a target device after gaining control of the device using the vulnerability. In simpler terms, a hacker would take control of the vulnerable device and make it do whatever it wants.

In the second advisory, published Thursday, CERT-In warned of a vulnerability that affects all three products. This vulnerability, like the first, also allows an attacker to execute arbitrary code on hacked devices. With the large number of Apple Watches, Apple TVs and Apple Macs currently in use, a hacker could have millions of devices at his disposal.

Apple has released patches for both vulnerabilities, which can be installed by downloading the latest product updates. However, what makes the matter even more serious is that, by Apple’s own admission, these vulnerabilities may already have been exploited by hackers.

“Apple is aware of a report that this issue may have been actively exploited,” the tech giant said in a statement about the two vulnerabilities on its official website.

Both vulnerabilities were reported to Apple by private cybersecurity researchers who wish to remain anonymous. There is an understanding in the cybersecurity community that whenever a researcher finds a vulnerability in a product, they first communicate it to the manufacturer.

The researcher then waits a certain time before making his research public. This is done to give the manufacturer enough time to release fixes for the vulnerabilities.

Users of these three products are advised to download the latest software updates immediately to avoid falling prey to hackers.

Posted: Saturday, May 21, 2022, 6:18 PM IST


About Author

Comments are closed.