CERT-In, the nodal cybersecurity agency under the Department of Electronics and Information Technology (Meity), has issued a “high severity” vulnerability rating for Apple Watches running on an operating system older than watchOS 8.7.
If you are an Apple Watch user, the warning issued by the Center should apply to you. The Computer Emergency Response Team India (CERT-In) of the Ministry of Electronics and Information Technology has issued a high severity level warning to all Apple Watch users regarding the vulnerabilities present. in OS versions earlier than 8.7. The CERT-in said the vulnerabilities, if exploited, “can cause serious damage as the device becomes an easier target for attackers.”
In a notice released on July 22, the core team urged Apple Watch users to update their devices to Apple’s latest update – WatchOS 8.7 to fix the security threat.
“These vulnerabilities exist in Apple Watch due to a buffer overflow in the Apple AVD component; a permission issue in the Apple Mobile File Integrity component; out-of-bounds writing in Audio, ICU, and WebKit components; type confusion in Multi-Touch component; Several out-of-bounds writes and memory corruption in the GPU Drivers component; read out of bounds in kernel component; and memory initialization in the libxml2 component,” CERT-In noted explaining the reasons for the flaws.
The warning page mentions that these vulnerabilities can give attackers remote access to the targeted device who can then “execute arbitrary code and bypass security restrictions on the targeted device”. They can obtain remote access to these vulnerabilities upon specially crafted request.
The CERT-In advisory says users should apply “appropriate fixes” released by Apple Security Updates. Apple released a patch for these vulnerabilities on Wednesday, July 20 as part of its WatchOS 8.7 update.
The steps suggested by Apple to directly update the device are as follows.
1) Make sure your watch is connected to Wi-Fi.
2) On your watch, open the Settings app.
3) Tap General > Software Update.
4) Tap Install if a software update is available, then follow the on-screen instructions.