Indian Computer Emergency Response Team warns of ‘critical’ security vulnerabilities in Apple devices

/in


If you are an Apple Watch, TV or Mac user, there is some bad news for you. Security researchers have found two serious vulnerabilities in these three products that could enable hackers to take control of your devices and use them for nefarious purposes.

The three products are wildly popular across the world, not just because of their features but also because Apple gadgets are regarded as status symbols. In particular, there is a sharp uptick in the smartwatch business in India, as the number of increasingly fitness-conscious Indians goes up by the second, and crores of Indians use Apple watches. The tech giant’s Mac systems and TVs, too, are massively sought after.

In two advisories issued on Thursday and Friday, the Indian Computer Emergency Response Team (CERT-In), which is the Central cyber security agency for India, has warned about serious vulnerabilities in all these three products.

In Thursday’s advisory, CERT-In warned of multiple vulnerabilities in the Mac operating system and the vulnerabilities were classified as ‘critical’, which is the most serious rating in cyber security parlance.

“Multiple vulnerabilities have been reported in the Apple Mac OS which could be exploited by a remote attacker to execute arbitrary code, bypass security restrictions and cause denial of service conditions on the targetted system,” the advisory stated.

‘Execution of arbitrary code’ means that a hacker could run any commands or code of their choice on a target device after gaining control of the device using the vulnerability. In simpler words, a hacker would take over the vulnerable device and make it do anything they want.

In the second advisory issued on Thursday, the CERT-In warned of a vulnerability that affects all the three products. This vulnerability, like the first one, also lets a hacker execute arbitrary code on the hacked devices. Given the sheer number of Apple watches, TVs and Macs in use currently, a hacker could have millions of devices at their disposal.

Apple has released patches for both the vulnerabilities, which can be installed by downloading the latest updates to the products. However, what makes the matter even more serious is that, by Apple’s own…

Source…