Beware, Apple Watch users! India flags major security flaw, advises to update software

By Gargi Chaudhry  |  First Published Jul 27, 2022, 10:47 AM IST

The Indian government has discovered a number of flaws in Apple Watch operating systems older than 8.7. These flaws might allow attackers to circumvent security measures and execute arbitrary code on the device. These vulnerabilities have a high severity rating and can be used by attackers to gain control of a targeted Apple Watch.


Beware, Apple Watch users! A security flaw was discovered in watchOS versions before to 8.7. The Indian government has discovered a number of flaws in Apple Watch operating systems older than 8.7. These flaws might allow attackers to circumvent security measures and execute arbitrary code on the device. These vulnerabilities have a high severity rating and can be used by attackers to gain control of a targeted Apple Watch.

To remedy the vulnerability, the government has issued a security alert advising Apple Watch owners to update their devices to the newest version of watchOS 8.7. In a vulnerability note, India's Computer Emergency Response Team (CERT-in) said that previous versions of the gadget are vulnerable to several vulnerabilities. These might allow an attacker to circumvent the device's security measures. It has a high severity level according to CERT-in.

Tap to resize

Latest Videos

Tap to resize

Also Read | Apple Watch Pro might have larger display, longer battery with titanium case: Report

The flaws were discovered as a result of a buffer overflow in the AppleAVD component, an issue in the AppleMobilityFile component, and out-of-bounds writing in various Apple Watch components. Furthermore, CERT-in has noticed that these difficulties might be caused by a variety of circumstances, including a lack of memory initialisation in the libxml2 component and misunderstanding in the Multi-touch component. According to CERT-in, a remote attacker might exploit these flaws by submitting a specially crafted request to the device.

Apple disclosed the issue on its support page, noting that it might allow a remote user to trigger a crash and execute kernel code. It went on to say that an attacker might possibly circumvent the security constraints on an Apple Watch running a version older than 8.7. To resolve this vulnerability, the government has advised consumers to upgrade their devices to watchOS 8.7. In addition, Apple has provided a security upgrade for the gadget.

Also Read | Apple Watch detects deadly tumour, constant warning saves user's life in Maine

click me!