Indian Computer Emergency Response Team (CERT-IN) recently issued a warning for Apple Watch users. The government body has marked the security risk as ‘high severity’ and has mentioned that multiple vulnerabilities in the watch that may make Apple Watch users an easy target for hackers.
For those unintended, CERT-IN is a nodal agency under the Ministry of Electronics and Information Technology. The government body is responsible for highlighting bugs and cybersecurity threats like phishing and hacking.
What government has said
CERT-IN has noted that “these vulnerabilities exist in “Apple watch due to buffer overflow in AppleAVD component; an authorization issue in AppleMobileFileInterity component; out-of-bounds write in Audio, ICU and WebKit component; type confusion in Multi-Touch
component; Multiple out-of-bounds write and memory corruption in GPU Drivers component; out-of-bounds read in Kernel component; and memory initialization in libxml2 component”.
The warning also mentions that remote hackers can exploit these vulnerabilities and execute arbitrary code and bypass security restrictions on the targeted device by sending a specially-crafted request.
Who are affected
According to the warning page, everyone who has an Apple Watch running older than watchOS 8.7 are affected.
What users can do
CERT-IN has advised Apple Watch users to apply the latest security patch for the device that address the vulnerabilities. Thankfully, Apple has already rolled out the watchOS 8.7 update which includes security updates and address the listed vulnerabilities.
How to update Apple Watch
For those unintended, CERT-IN is a nodal agency under the Ministry of Electronics and Information Technology. The government body is responsible for highlighting bugs and cybersecurity threats like phishing and hacking.
What government has said
CERT-IN has noted that “these vulnerabilities exist in “Apple watch due to buffer overflow in AppleAVD component; an authorization issue in AppleMobileFileInterity component; out-of-bounds write in Audio, ICU and WebKit component; type confusion in Multi-Touch
component; Multiple out-of-bounds write and memory corruption in GPU Drivers component; out-of-bounds read in Kernel component; and memory initialization in libxml2 component”.
The warning also mentions that remote hackers can exploit these vulnerabilities and execute arbitrary code and bypass security restrictions on the targeted device by sending a specially-crafted request.
Who are affected
According to the warning page, everyone who has an Apple Watch running older than watchOS 8.7 are affected.
What users can do
CERT-IN has advised Apple Watch users to apply the latest security patch for the device that address the vulnerabilities. Thankfully, Apple has already rolled out the watchOS 8.7 update which includes security updates and address the listed vulnerabilities.
How to update Apple Watch
- Make sure that your watch is connected to Wi-Fi
- On your watch, open the Settings app
- Tap General → Software Update
- Tap Install if a software update is available and follow the onscreen instructions