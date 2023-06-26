The Indian Computer Emergency Response Team (CERT-In) has warned iPhone and iPad users in India against a vulnerability that can let hackers take control of their devices. The organisation under the Ministry of Electronics and Information Technology (MeitY) has advised users to update their devices. CERT-In has found this vulnerability across iPad Air, iPad Pro, iPad Mini and select iPhone 6s, iPhone 7 series, iPhone 8 series and iPhone SE first-gen. CERT-In has marked this warning as 'high' on its website.

As per the CERT-In website, the vulnerability could let “an attacker to execute arbitrary code on the target system”. It confirms that the vulnerability exists across Apple iOS and iPadOS. Talking about the reason behind these vulnerabilities, CERT-in states, “improper validation in kernel; improper checks; improper state management issues in WebKit."

Notably, Apple has acknowledged the vulnerabilities on its Support Page stating that they were discovered by researchers at the security firm Kaspersky. Apple has recently rolled out iOS 15.7.7 and iPadOS 15.7.7 updates for iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation). There is also iOS 16.5.1 and iPadOS 16.5.1 updates for iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.

About the WebKit issue, the Apple Support page states, "An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."

How to update your iOS, iPadOS

To update your operating system on iPhone or iPad, all you need to do is go to Settings> General> Software Update.

