India’s Cyber Agency Wants You to Update Your iPhone, iPad & Mac Right Away!
Jul. 31, 2021Earlier this week, Apple released iOS 14.7.1 and macOS Big Sur 11.5.1. The iOS update fixes an issue with Apple Watch pairing on iPhones with Touch ID. However, it alsocomes with a fix for a critical security vulnerabilitythat may have been actively exploited. The Indian Computer Emergency Response Team (CERT-In) has now issued a vulnerability note urging users to update their iPhones immediately.
“A vulnerability has been reported in Apple iOS and iPadOS which could be exploited by a remote attacker to execute arbitrary code and gain elevated privileges on a targeted system. This vulnerability is currently exploited in the wild, users are advised to apply patches urgently,”wroteCERT-In in its vulnerability note.
If you are unaware, the vulnerability in question is calledIOMobileFrameBuffer. It gives apps the ability to execute arbitrary code with kernel privileges. Apple even goes on to state that it is aware of a report that this issue may have been actively exploited, citing an anonymous researcher.
The emergency bugfix is available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
If you own any of these devices, you can navigate toSettings -> General -> Software Updateto keep your iPhone/ iPad secure. Mac users can update to macOS Big Sur 11.5.1 to stay on the safer side. To update your Mac, go toApple menu -> System Preferences -> Software Update -> Update Now.
Subin writes about consumer tech, software, and security. He secretly misses the headphone jack while pretending he’s better off with the wireless freedom.
