{"vars":{"id": "108938:4684"}}

High-Risk Alert: CERT-In Warns Apple Users of Major Security Flaws—Update Your iPhones, Macs, and Watches to Avoid Hackers’ Attacks!

Issued on September 19, the advisory highlights significant security flaws in Apple’s iOS, iPadOS, macOS, watchOS, visionOS, and other software, urging users to update their devices immediately.

By Gaurav Santosh Sep 22, 2024, 17:49 IST

The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk advisory concerning multiple vulnerabilities found in a wide range of Apple products, just days after the release of the iPhone 16 series. Issued on September 19, the advisory highlights significant security flaws in Apple’s iOS, iPadOS, macOS, watchOS, visionOS, and other software, urging users to update their devices immediately.

Affected Apple Products

The CERT-In advisory details the affected products and versions as follows:

  • iOS: Versions prior to 18 and 17.7
  • iPadOS: Versions prior to 18 and 17.7
  • macOS Sonoma: Versions prior to 14.7
  • macOS Ventura: Versions prior to 13.7
  • macOS Sequoia: Versions prior to 15
  • tvOS: Versions prior to 18
  • watchOS: Versions prior to 11
  • Safari: Versions prior to 18
  • Xcode: Versions prior to 16
  • visionOS: Versions prior to 2

Key Risks and Impacts

The vulnerabilities have been rated as "high" risk, meaning that they could allow attackers to:

  • Gain unauthorized access to sensitive information.
  • Execute arbitrary code on the device.
  • Bypass critical security restrictions.
  • Cause denial-of-service (DoS) conditions.
  • Elevate privileges and gain control over the system.
  • Perform spoofing attacks and engage in cross-site scripting (XSS) attacks.

Potential Impacts by Product

  • iOS and iPadOS: Users could face DoS attacks, information theft, and security bypassing if they are running software versions older than iOS 18 or 17.7.
  • macOS (Sonoma, Ventura, Sequoia): Data manipulation, DoS, privilege escalation, and XSS attacks are potential threats for those using older macOS versions.
  • tvOS and watchOS: These products could be susceptible to DoS attacks, XSS vulnerabilities, and unauthorized data access.
  • Safari and Xcode: Older versions are at risk of spoofing attacks and security bypass vulnerabilities.
  • visionOS: Users may face risks such as data manipulation, DoS, and potential information disclosure.

CERT-In Recommendations

CERT-In has urged Apple users to immediately update their devices to the latest software versions to protect against these vulnerabilities. In addition, users are advised to:

  • Monitor their devices for any unusual or suspicious activity.
  • Implement robust cybersecurity measures to protect against potential attacks.

As security vulnerabilities pose significant risks, CERT-In’s advisory highlights the importance of keeping devices updated with the latest security patches. Apple users are encouraged to act promptly to safeguard their sensitive information and devices from potential threats.