The Computer Emergency Response Team in India (CERT-In) has recently issued a high-risk warning to Apple users, highlighting multiple vulnerabilities in Apple products that could potentially expose sensitive information. These vulnerabilities pose a serious security threat and have the potential for attackers to gain unauthorised access to user data.
According to CERT-In, the identified vulnerabilities include the ability for hackers to execute arbitrary code, bypass security measures, cause denial of service (DoS) attacks, bypass authentication processes, obtain elevated privileges, and carry out spoofing attacks on the targeted systems.
The affected Apple software versions listed by CERT-In include:
- Apple iOS versions prior to 17.1 and iPadOS versions prior to 17.1.
- Apple iOS versions prior to 16.7.2 and iPadOS versions prior to 16.7.2.
- Apple 10S versions prior to 15.8 and iPadOS versions prior to 15.8.
- Apple macOS Sonoma versions prior to 14.1.
- Apple macOS Ventura versions prior to 13.6.1.
- Apple macOS Monterey versions prior to 12.7.1.
- Apple tvOS versions prior to 17.1.
- Apple watchOS versions prior to 10.1.
- Apple Safari versions prior to 17.1.
To safeguard against potential hacking and data theft, CERT-In advises iPhone, Apple Watch, Mac, and iPad users to promptly update their devices with the latest Apple firmware. Installing the latest updates for iOS, macOS, tvOS, watchOS, and Safari is crucial for protecting personal data.
Users can easily update their devices by following these steps:
For iPhone users, navigate to Settings > General > Software Update.
Apple has already released the necessary updates. Simply check the device settings to see if an update is available.
In a related note, it recently rolled out iOS 17.1, which not only introduced new features but also addressed various bugs. This update fixed a privacy issue related to Significant Location settings when transferring or pairing an Apple Watch for the first time, ensuring enhanced user security.