- News>
- Technology
Apple Users Alert! Your iPhone, iPad, MacBook could get hacked if not updated: CERT advisory
The Indian Computer Emergency Response Team (CERT-In), India`s central cyber security agency, issued two advisory warning about major vulnerabilities in all three products.
Highlights
- The Indian Computer Emergency Response Team (CERT-In) issued two advisory warning about major vulnerabilities in all three products.
- CERT-In issued a warning about various vulnerabilities in the Mac operating system.
- This data might be used to steal your money, send virus-infected emails to your contacts.
New Delhi: There is some terrible news for Apple Watch, Apple TV, and Mac users. Researchers discovered two severe flaws in these three items, which might allow hackers to take control of your devices and exploit them for malicious reasons.
The three products are extremely popular all over the world, not just because of their functions, but also because Apple products are considered status symbols. In India, in particular, the smartwatch business is booming, as the number of fitness-conscious Indians grows by the second, and millions of Indians wear Apple watches. Mac computers and televisions from the tech giant are also in high demand.
The Indian Computer Emergency Response Team (CERT-In), India's central cyber security agency, issued two advisory on Thursday and Friday warning about major vulnerabilities in all three products.
CERT-In issued a warning on Thursday about various vulnerabilities in the Mac operating system, which were rated as 'critical,' the highest serious classification in cyber security terms.
"A remote attacker might leverage multiple vulnerabilities in the Apple Mac OS to execute arbitrary code, circumvent security limitations, and cause denial of service conditions on the targetted system," according to the alert.
'Execution of arbitrary code' means that a hacker might use the vulnerability to acquire control of a target device and run any instructions or code they wanted. To put it another way, a hacker would take control of the vulnerable device and make it do whatever they wanted.
The CERT-In issued a second advisory on Thursday, warning of a vulnerability that affects all three products. Like the previous, this vulnerability allows a hacker to run arbitrary code on infected devices. Given the current number of Apple watches, TVs, and Macs in use, a hacker may have access to millions of devices.
Apple has issued patches for both vulnerabilities, which can be downloaded along with the current product upgrades. What makes the situation more worse is that, according to Apple, these vulnerabilities may have already been exploited by hackers.
"Apple is aware of a report that this problem has been actively exploited," Apple wrote in a statement on its official website about the two vulnerabilities.
Private cyber security experts who wished to remain anonymous disclosed both vulnerabilities to Apple. In the cyber security world, there is a consensus that anytime a researcher discovers a vulnerability in a product, it should be reported to the manufacturer first. The researcher then takes a break before making his or her findings public. This is done to allow the manufacturer enough time to repair the vulnerabilities.
To avoid becoming a victim of hackers, users of the three programmes are recommended to obtain the most recent software upgrades right away.
A hacker could break into your smartphone and obtain access to all of your personal information.
This data might be used to steal your money, send virus-infected emails to your contacts, and post dangerous content on social media using your accounts.
To create a comprehensive set of identity documents, information such as names, addresses, and PAN and/or Aadhaar card numbers can be merged. Criminal and terrorist elements utilise these sets to construct counterfeit identification documents, thus they're in high demand on the dark web.
A hacker might easily choose to compromise millions of devices and build a botnet, which is a network of hacked devices known as "bots." These botnets are employed in a sophisticated type of cyberattack in which millions of devices simultaneously ping a single server, forcing it to crash. This form of assault is known as a Distributed Denial of Service (DDOS) attack since it prevents a client from using a service.
A DDOS assault, for example, might smash the servers of a city's railway system, leaving thousands of travellers stranded.