APPLE CYBERSECURITY ALERT: iOS USERS MUST ACT NOW

Apple Cybersecurity Alert Issued by CERT-In

The Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology (MeitY), has issued a high-severity alert directed at Apple users. This alert concerns multiple vulnerabilities impacting various Apple products following the release of the iPhone 16. The compromised systems include iOS, iPadOS, macOS, tvOS, watchOS, Safari, Xcode, and visionOS.

Risks Highlighted by CERT-In

According to CERT-In, these vulnerabilities could allow malicious actors to access sensitive user data and execute harmful actions. The agency's advisory outlined the potential for attackers to:

• Execute arbitrary code
• Bypass security restrictions
• Cause denial-of-service (DoS) conditions
• Elevate access privileges

Moreover, there is a risk of authentication bypasses, granting unauthorized access and facilitating spoofing attacks, which endanger users' privacy and security.

Vulnerable Apple OS Versions

The vulnerabilities affect a range of Apple systems, specifically:

1. iOS and iPadOS versions prior to 18 and 17.7
2. macOS Sonoma versions before 14.7
3. macOS Ventura versions before 13.7
4. macOS Sequoia versions before 15
5. tvOS versions prior to 18
6. watchOS versions before 11
7. Safari versions before 18
8. Xcode versions before 16
9. visionOS versions before 2

Immediate User Actions Required

CERT-In emphasizes the urgency for all users of these Apple products to update their devices to the latest software version. Apple has released necessary patches that address these pressing vulnerabilities. Maintaining updated software is crucial for safeguarding against security breaches.

This warning comes on the heels of a similar notification from CERT-In earlier this month concerning vulnerabilities within Google Chrome that also affected Windows, macOS, and Linux users. Those users were encouraged to update to Chrome version 128.0.6613.119/.120 to mitigate risks.