India’s cyber-security agency, the Indian Computer Emergency Response Team or CERT-In has warned of high vulnerabilities in the Apple Watch ecosystem. The vulnerabilities would can allow hackers to bypass the company’s security measures that have been built into Apple’s WatchOS.
In an advisory, CERT-In has said that users should update their Watch OS to the latest security versions rolled out by the company. The vulnerabilities have been reported in versions of WatchOS prior to the 8.7 version.
This vulnerability might allow attackers to run arbitrary code and bypass security restrictions on the device. What this means is attackers could make use of this security flaw to execute commands on your device remotely. These commands can include ways to bypass the watch’s security restrictions, allowing the attackers access to private information on the smartwatch.
As per the CERT-In vulnerability note, the vulnerabilities exist in Apple Watch models running on older software due to various flaws. These include “buffer overflow in AppleAVD component; an authorisation issue in AppleMobileFileIntegrity component; out-of-bounds write in Audio, ICU and WebKit component; type confusion in Multi-Touch component; multiple out-of-bounds write and memory corruption in GPU drivers component,” among others.
“Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code and bypass security restrictions on the targeted system,” the note added.
Apple has already released fixes for these security vulnerabilities in the latest version of its watchOS software for compatible models, which are Apple Watch Series 3 and above.
In order to update their Apple Watch, users need to ensure that their device has at least 50 per cent battery, and is connected to a WiFi network. Open Settings on the watch itself, and navigate to General/Software Update. If an update is available, users need to follow the on-screen instructions to update their devices.
from Firstpost Tech Latest News https://ift.tt/Z2geVBt
Comments
Post a Comment