The Computer Emergency Response Team (CERT-In), a division under India’s Ministry of Electronics and Information Technology, has issued a “high” security risk alert regarding Apple device users. On its official website, CERT-In has cautioned users about multiple vulnerabilities that, if left unaddressed, could potentially grant unauthorized access to users’ Apple devices and result in the theft of sensitive data.
CERT-In has specifically highlighted serious security vulnerabilities in the WebKit browser engine, which is employed by Safari and other web browsers. These vulnerabilities pose significant risks to users of Apple devices, including iPhones and Apple Watches. They could enable attackers to deceive users into visiting malicious websites or opening malicious email attachments. Such actions may ultimately grant malicious actors access to users’ personal information, files, and even permit the installation of malware on their devices.
The official note from CERT-In states, “Multiple vulnerabilities have been reported in Apple products which could allow an attacker to execute arbitrary code, escalate privileges, or bypass security restrictions on the targeted system.” In simpler terms, Apple device users are vulnerable to potential theft of personal information and malware infections if they are not cautious about the links they click on or the attachments they open.
List of Apple devices at risk:
According to CERT-In, these vulnerabilities are actively being exploited against versions of iOS prior to iOS 16.7. The following Apple devices are at risk:
- Apple macOS Monterey versions prior to 12.7
- Apple macOS Ventura versions prior to 13.6
- Apple watchOS versions prior to 9.6.3
- Apple watchOS versions prior to 10.0.1
- Apple iOS versions prior to 16.7 and iPadOS versions prior to 16.7
- Apple iOS versions prior to 17.0.1 and iPadOS versions prior to 17.0.1
- Apple Safari versions prior to 16.6.1
How to stay safe:
In order to safeguard their personal data, CERT-In strongly advises individuals to promptly install the latest updates for watchOS, tvOS, and macOS on their Apple devices. Failing to address these software vulnerabilities in Apple watches, TVs, iPhones, and MacBooks could potentially expose these devices to unauthorized access by malicious actors. Apple has provided the necessary updates to resolve this issue on their official website, cert-in.org.in.
Furthermore, users of Apple iPhone, iPad, and WatchOS can enhance their security by updating to the latest software version, which incorporates improved security features and device enhancements.
It is crucial for Apple device users to stay vigilant and take these recommended precautions to protect themselves from the identified security risks.
Also Read
One thought on “Government Warns Apple Users of High-Risk Security Alert, Urges Prompt Updates for iPhone, MacBook, and More Devices”