Home > Business > Govt warns Apple users of...

Govt warns Apple users of high-risk security flaws in iPhones, other products

According to the advisory, multiple vulnerabilities have been reported in Apple products that could allow an attacker to access sensitive information of users

By :  The Federal
Update: 2024-09-22 13:33 GMT
The advisory, which came soon after the iPhone 16 launch, concerns a wide range of Apple software versions, including iOS, iPadOS, macOS, watchOS and visionOS

Shortly after the launch of iPhone 16, the Centre has issued a warning of ‘high-risk security” flaws in the iPhone and other Apple products.

According to the advisory by Indian Computer Emergency Response Team (CERT-In), multiple vulnerabilities have been reported in Apple products that could allow an attacker to access sensitive information of users. 

The advisory concerns a wide range of Apple software versions, including iOS, iPadOS, macOS, watchOS and visionOS.

High-risk warning

On September 19, CERT-In issued a high-risk warning to Apple users about multiple vulnerabilities found in several Apple products.

The vulnerabilities are rated as “high” risk because it can allow attackers to:

Gain unauthorised access to sensitive information

Execute arbitrary code on the device

Bypass critical security restrictions

Cause denial-of-service (DoS) conditions

Elevate privileges to gain control over the system

Perform spoofing attacks

Engage in cross-site scripting (XSS) attacks

How they can be vulnerable?

For example, for iOS and iPadOS users, with iOS versions prior to 18 or 17.7, can face DoS attacks, information disclosure, and security restriction bypassing.

Users running older versions of macOS may experience data manipulation, DoS, privilege elevation, and cross-site scripting.

While tvOS and watchOS products face similar risks of DoS attacks, XSS vulnerabilities, and information disclosure.

Older versions of Safari and Xcode can be vulnerable to spoofing and security restriction bypassing.

visionOS users may be at risk of data manipulation, DoS and information disclosure.

Which Apple products are vulnerable?

OS: Versions prior to 18 and 17.7

iPadOS: Versions prior to 18 and 17.7

macOS Sonoma: Versions prior to 14.7

macOS Ventura: Versions prior to 13.7

macOS Sequoia: Versions prior to 15

tvOS: Versions prior to 18

watchOS: Versions prior to 11

Safari: Versions prior to 18

Xcode: Versions prior to 16

visionOS: Versions prior to 2

What CERT-In recommends

What can be done? The advisory recommends that users must update their Apple devices to the latest versions of software to avoid the risks.

Users are also advised to monitor their devices for any unusual activity and ensure proper cybersecurity measures are in place.

In August this year, CERT-In has issued a “severe” warning to Apple users, highlighting several vulnerabilities in products such as iPhones, iPads, Macs, and more.

Earlier this month, CERT-In had also warned about the vulnerabilities in Google Chrome browser. The agency stated that these vulnerabilities only affected users prior to 128.0.6613.119/.120 for Windows and macOS and in versions prior to 128.0.6613.119 for Linux.

Tags:    

Similar News

OYO to acquire iconic Motel 6 brand in $525 million all-cash deal
September to be busiest month for IPOs in 14 years, says RBI Bulletin
An expanding Air India hired 9,000 staff in two years: CEO Campbell Wilson
EY employee death fallout: Deloitte forms 3-member committee to review people practices
Stock market zooms to new highs; Sensex crosses 84,000, Nifty surges to 25,686
Amit Shah unveils 'White Revolution 2.0' to transform India's dairy sector
Banks to play major role in making India a developed nation: FM Sitharaman
Report of MSP panel to be made public soon: Government
Sensex, Nifty hit record highs as US Fed cuts rates; banks lead gains
India on track to becoming third-largest economy by 2031: S&P report
US Fed's 50 basis points rate cut triggers market optimism in India; will RBI follow suit?