The Indian Computer Emergency Response Team (CERT-In), the national nodal agency for responding to computer security incidents, has asked Apple users to immediately update the software in iPhone and iPad devices.
The agency said that both iOS and iPadOS have active vulnerabilities that are ‘currently being exploited.’
A vulnerability has been reported in Apple iOS and iPadOS which could be exploited by a remote attacker to execute arbitrary code and gain elevated privileges on a targeted system.
Apple users need to update to CERT-In iOS 14.7.1 and iPad OS 14.7.1. If not updated to the latest software versions, attackers may gain elevated privileges on a targeted system.
Devices that are affected are the iPhone 6s and its next-generation models, iPad Pro (all models), iPad Air 2 and newer models, iPad 5th generation and later ones, iPad mini 4 and its latest models, and iPod touch (7th generation).
“This vulnerability exists in IOMobileFrameBuffer of Apple iOS and iPadOS due to memory corruption issues with inadequate memory handling. A remote attacker with kernel privileges can exploit this vulnerability using a maliciously crafted application,” CERT-In said in its description of the threat.
Apple had also warned users that this issue may have been actively exploited.
Published: July 30, 2021, 16:59 IST
Download Money9 App for the latest updates on Personal Finance.