India's cybersecurity agency, CERT-In, has issued a "High Severity" warning for iPhone and iPad users. This warning stems from a critical security vulnerability discovered in Apple's iOS and iPadOS operating systems, which could expose users' devices to hacking and data theft.
What is this vulnerability?
According to CERT-In, the vulnerability resides in the "Darwin Notifications" component of Apple's CoreOS layer. Exploiting this flaw, a malicious app can access and transmit system notifications without permission. This could lead to device crashes or the leakage of sensitive information.
Which devices are affected?
Affected devices include iPhone and iPad models running the following software versions:
- iPhones: Versions prior to iOS 18.3, including iPhone 16 and older models.
- iPads: iPadOS 17.7.3 or older versions, specifically:
- iPad Pro 12.9" (2nd Gen)
- iPad Pro 10.5"
- iPad 6th Gen
- iPad Pro 13"
- iPad Pro 12.9" (3rd Gen and later models)
- iPad Pro 11" (1st Gen and later models)
- iPad Air (3rd Gen and later models)
- iPad 7th Gen and later models
- iPad mini (5th Gen and later models)
What are the potential risks?
If users do not update their devices, this vulnerability could render devices unresponsive, potentially requiring users to restore their devices to factory settings.
What should users do?
Both CERT-In and Apple bly advise users to immediately update their devices to the latest software version.
To update:
- Open Settings on your iPhone or iPad.
- Go to General > Software Update.
- Download and install the latest available update.
- Additional Security Suggestions
- Avoid installing unknown apps.
- Exercise caution when using public Wi-Fi networks.
- Enable Lockdown Mode on your device for enhanced security.
This warning serves as a critical alert for millions of iPhone and iPad users in India. Users are urged to update their devices immediately and follow cybersecurity best practices.
