Government warns Apple Watch users of security flow: Here’s what to do

Here’s why Apple Watch users need to update their software to the latest version as fast as possible.

Apple Watch users using watchOS 8.7 or older versions of the device software have been advised by the government to update their device to the latest software as quickly as possible. The Indian Computer Emergency Response Team (CERT-In) suggested in a report that Apple Watch models running on older versions of the watchOS operating system may be open to a newly discovered vulnerability.

This vulnerability might allow attackers to run arbitrary code and bypass security restrictions on the device. What this means is attackers could make use of this security flaw to execute commands on your device remotely. These commands can include ways to bypass the watch’s security restrictions, allowing the attackers access to private information on the smartwatch.

Technical details

As per the CERT-In vulnerability note, the vulnerabilities exist in Apple Watch models running on older software due to a various flaws. These include “buffer overflow in AppleAVD component; an authorisation issue in AppleMobileFileIntegrity component; out-of-bounds write in Audio, ICU and WebKit component; type confusion in Multi-Touch component; multiple out-of-bounds write and memory corruption in GPU drivers component,” among others.

“A remote attacker could exploit these vulnerabilities by sending a specially-crafted request. Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code and bypass security restriction on the targeted system,” the note added.

What can you do about this?

Thankfully, Apple has already released fixes for these security vulnerabilities in the latest version of its watchOS software for compatible models (Apple Watch Series 3 and above). Users can simply update their Apple Watch to implement security patches for these issues.

Source Link