The Indian Computer Emergency Response Team (CERT-In) has issued a critical advisory concerning significant security vulnerabilities in several Apple products, including iPhones, iPads, and other Apple devices. The advisory, released on August 2, describes these vulnerabilities as “highly severe” and warns of potential risks such as unauthorized access to sensitive information, arbitrary code execution, bypassing security measures, denial of service (DoS) attacks, and spoofing on affected devices.
Affected Software Versions
The vulnerabilities impact various versions of Apple software across multiple platforms:
- iOS and iPadOS: Versions prior to 17.6 and 16.7.9
- macOS: Sonoma versions prior to 14.6, Ventura versions prior to 13.6.8, and Monterey versions prior to 12.7.6
- watchOS: Versions prior to 10.6
- tvOS: Versions prior to 17.6
- visionOS: Versions prior to 1.3
- Safari: Versions prior to 17.6
CERT-In has strongly recommended that Apple users update their devices immediately to the latest software versions provided by Apple. This action is crucial to mitigating the risks associated with these vulnerabilities. Although Apple has not yet officially confirmed these security threats, the company released updates last week aimed at addressing potential security issues, and users are advised to install these updates without delay.
This advisory follows a similar warning issued by CERT-In in May 2024, which also highlighted significant security vulnerabilities in Apple products. At that time, the advisory warned that hackers could exploit these vulnerabilities to gain elevated access, bypass security controls, and potentially take complete control of the affected devices.
In light of these vulnerabilities, users are encouraged to:
- Update Devices: Regularly update their devices with the latest software updates provided by Apple.
- Exercise Caution: Be cautious when interacting with suspicious websites, links, or files.
- Monitor Communications: Stay informed through official communications from Apple regarding security updates and potential threats.
- Backup Data: Ensure that their devices are regularly backed up to safeguard against data loss in case of an attack.
As security threats continue to evolve, it is crucial for users to remain vigilant and proactive in protecting their devices. By following best practices and promptly applying updates, users can significantly reduce their risk of falling victim to potential cyber threats.