Indian govt issues high severity warning for Apple, Android devices: Here's what you need to do

Indian government’s cyber security wing, CERT-In (Indian Computer Emergency Response Team) has issued a ‘high’ severity warning regarding flaws affecting smartphones powered by Google’s Android mobile operating system. Details shared by the organisation point out that vulnerabilities exist due to issues in various hardware components in Android devices, which include Framework, System, MediaTek components, Widevine, Qualcomm components and Qualcomm closed source components.

CERT-In says that if left unpatched, these vulnerabilities can let malicious hackers to obtain sensitive information, gain special privileges and cause a Denial of Service or DoS attack. For the unversed, a DoS attack in wherein an hacker makes a machine or a network temporarily inaccessible to the user.

Who is affected by this vulnerability?

Android device users whose smartphones are running Android versions 12, 12L, 13 and 14 are affected by this bug.

What can Android users do about it?

Google has already issued a patch to fix this vulnerability. Samsung too has rolled out this security update to its users. So, Pixel phone and Samsung smartphone users can download the latest version of the OSes available for their devices to protect themselves.

Other OEMs (original equipment makers) are yet to roll out the Android update to their users. However, the update should arrive soon.

Wait, Apple devices too are in trouble!

In a separate post, CERT-In has also warned against vulnerabilities in Apple devices including iPhones, iPads, PCs and even the Apple Vision Pro. The organisation says that the vulnerability in Apple devices could let a malicious hacker to ‘execute arbitrary code’ on the targeted system. In simple words, hackers can use this flaw to run ther own code on your Apple device and basically do anything, even access your private data.

Who is affected by this vulnerability?

CERT-In has provided a list of Apple devices that are affected by this flaw:

– Apple PCs running Safari versions prior to 17.4.1 (macOS Monterey and macOS Ventura users)

– macOS Monterey versions prior to 13.6.6

– macOS Ventura versions prior to 14.1.1

– visionOS versions prior to 1.1.1

– iOS and iPadOS versions prior to 17.4.1 (iPhone XS and later, iPad Pro 12.9-inch 2nd gen and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st gen and later, iPad Air 3rd gen and later, iPad 6th gen and later, iPad Mini 5th gen and later)

– iOS and iPadOS versions prior to 16.7.7 (iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th gen, iPad Pro 9.7-inch, iPad Pro 12.9-inch 1st gen).

What can Apple users do to protect themselves?

Apple has already issued patches for these vulnerabilities. All Apple device users need to do is download the latest version of Apple’s OSes on their devices. The list includes:

– visionOS 1.1.1

– Safari version 17.4.1 on macOS Monterey and macOS Ventura

– macOS Ventura version 13.6.6

– macOS Sonoma version 14.4.1

– iPadOS 17.4.1 and iOS version 17.4.1

– iOS 16.7.7 and iPadOS 16.7.7