Business Today
Subscribe
PMS TodayBudget 2025US NewsIndiaWeatherBT ShortsNRIEducationElection
BT GolfBT India 100BT Mindrush
Search
Advertisement
Business News
technology
news
CERT-IN issues vulnerability warning for Windows, iOS, iPadOS with ‘high’ severity rating

CERT-IN issues vulnerability warning for Windows, iOS, iPadOS with ‘high’ severity rating

CERT-IN said that the vulnerability exists in Windows due to overly permissive Access Control Lists (ACLs) on multiple system files

Join Our WhatsApp Channel
BusinessToday.In
  • Updated Jul 30, 2021 10:38 AM IST
CERT-IN issues vulnerability warning for Windows, iOS, iPadOS with ‘high’ severity ratingCERT-IN issues high severity alert for Windows, iOS and iPadOS

The Indian Computer Emergency Response Team (CERT-IN) has issued a vulnerability warning for some versions of Microsoft’s Windows as well as iOS and iPadOS. The agency has said that the severity of the vulnerability is ‘high’. It said that the vulnerability could allow an attacker to gain elevated privileges on the targeted system.

Advertisement

CERT-IN said that the vulnerability exists in Windows due to overly permissive  Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database.

It warned that due to the vulnerability, an attacker could gain a shadow copy of the system drive, exploit security weaknesses, extract account password hashes as well as discover the original Windows installation password.

The affected Windows software are as follows:
 

  • Windows 10 Version 1809 for 32-bit Systems, ARM64-based systems and x64-based systems
  • Windows 10 Version 1909 for 32-bit Systems, ARM64-based systems and x64-based systems
  • Windows 10 Version 2004 for 32-bit Systems, ARM64-based systems and x64-based systems
  • Windows 10 Version 20H2 for 32-bit Systems, ARM64-based systems and x64-based systems
  • Windows 10 Version 21H1 for 32-bit Systems, ARM64-based systems and x64-based systems
  • Windows Server 2019
  • Windows Server 2019 (server core installation)
  • Windows Server, version 2004 (server core installation)

The cyber agency had also issued a high severity alert for Apple iPhone and iPad users. It asked them to immediately update their devices to iOS 14.7.1 and iPadOS 14.7.1. The agency under the Ministry of Electronics and Information Technology said that active vulnerabilities in both iPad and iPhones are “currently being exploited”. Not updating their system will allow an attacker to gain elevated privileges to the targeted system.

Advertisement

The affected Apple software are as follows:

  • Apple macOS Big Sur versions prior to  11.5.1
  • Apple iOS and iPadOS versions prior to 14.7.1
  • iPhone 6s and later,
  • iPad Pro (all models)
  • iPad Air 2 and later
  • iPad 5th generation and later
  • iPad mini 4 and later
  • iPod touch (7th generation)
  • macOS Big Sur

This vulnerability exists in IOMobileFrameBuffer of Apple iOS and iPadOS due to memory corruption issues with inadequate memory handling.

Also read: Microsoft looks to invest in Oyo before potential IPO

For Unparalleled coverage of India's Businesses and Economy – Subscribe to Business Today Magazine

Published on: Jul 30, 2021 10:35 AM IST
Follow Us onChannel
Post a comment0

TOP STORIES

TOP VIDEOS

market today