UAE Authorities Identify Security Vulnerabilities in Apple Devices

Asma Ahmed - | Technology

Residents of the United Arab Emirates (UAE) have recently been alerted to security flaws in some Apple products by the UAE Cyber Security Council.

Apple Devices in UAE Face Vulnerabilities

The alert highlighted the detection of three security vulnerabilities that could potentially affect users of Apple products. These vulnerabilities target specific Apple devices, including iPhone 8 and later models, iPad Mini 5th generation and newer devices, macOS Monterey and later on Mac computers, and Apple Watch from version 4 and onwards.

Protect Your Devices by Installing the Latest Updates

To safeguard their devices and data, the UAE Cyber Security Council strongly recommended that users of the affected Apple devices promptly install the latest updates provided by Apple. These updates are designed to address the identified vulnerabilities and enhance the overall security of the devices.

Versions with Fixes Available

The UAE authorities also shared information regarding the fixed versions for these vulnerabilities. Users should ensure that their devices are updated to the following versions:

  • watchOS 9.6.3/10.0.1
  • MacOS 12.7/13.6
  • iPadOS 16.7/17.0.1
  • iOS 16.7/17.0.1

Apple's Response

In response to these security vulnerabilities, Apple took action by releasing patches for the identified issues. On September 21, Apple issued updates to address three zero-day vulnerabilities affecting macOS 12.7/13.6, iOS 17.0.1, and iPadOS 17.0.1. Apple acknowledged that these vulnerabilities "may have been actively exploited against versions of iOS before iOS 16.7."

Details of the Vulnerabilities

Two defects in the WebKit browser engine (CVE-2023-41993) and Security framework (CVE-2023-41991) are among the aforementioned security flaws. By manipulating websites, these flaws may give attackers the ability to avoid signature verification and run arbitrary code. The Kernel Framework (CVE-2023-41992), which offers APIs and kernel extensions, was found to have the third vulnerability. This vulnerability could be used by local attackers to increase their privileges on vulnerable devices.

Credits to Security Researchers

It's important to note that these zero-day vulnerabilities were discovered and reported by security researchers Bill Marczak from the Citizen Lab at the University of Toronto's Munk School and Maddy Stone from Google's threat analysis team.

Moreover, The UAE Cyber Security Council's alert serves as a timely reminder for Apple device users in the UAE to stay vigilant and keep their devices up to date with the latest security patches. By doing so, users can protect themselves from potential security threats and vulnerabilities.

About Author

Asma Ahmed
Asma Ahmed
1499 Total posts

Read Also

Technology
WhatsApp will soon provides offline file sharing

WhatsApp, file transfer, without internet, necessary permissions, how to use the feature, privacy, Android system, building permits,

Technology
The Cyber Security Council warns Google Chrome users in the UAE

The Cyber Security Council is cautioning Google Chrome users in the United Arab Emirates.

Technology
UAE Launches Du Digital Financial Services With Central Bank Licence

Du has secured licenses from the Central Bank of the UAE to offer innovative digital financial services, marking a significant development in the telecommunications landscape.

Technology
A Dubai resident to set Microchip in hand for Keyless Access

Say goodbye to the hassle of juggling keys or fretting over losing them—Dubai resident Briar Prestidge is about to usher in a new era of convenience. Next month, the New Zealand expat and CEO of the Prestidge Group will bid farewell to traditional...

Apple Launch iPhone 15 Today in Bid to Reverse Sales Slump