The Indian Computer Emergency Response Team (CERT-In) has issued an advisory alerting Apple users regarding vulnerabilities in iPhones, iPads, and Mac product lines. The security flaws are identified in the Apple products running on iOS and iPadOS versions prior to 18.1.1 or 17.7.2 and former versions of Apple’s Safari web browser, highlighted in the advisory.
Two vulnerabilities in Apple products have been identified for “individual and organizational users of Intel-based Mac systems, including macOS, iOS, and iPadOS devices.” These can potentially allow attackers to execute arbitrary code or carry out XSS attacks on affected devices. It also suggests that the ‘high risk’ vulnerabilities make it easier for threat actors to gain unauthorized access to essential user data, and lead to service denial or data manipulation.
The advisory further revealed that the vulnerabilities are present in Webkit and JavaScript as they are compatible with Safari browser and other Apple devices’ applications. The warning further suggests attackers can send “maliciously crafted web content to the affected device.”
Apple has resolved these vulnerabilities in its latest software updates for Apple product lines including iPhones, iPads, and Macs. CERT-In advises users to update their Apple devices to the newest software versions to reduce risks and safeguard against potential security threats.
CERT-In also classified these vulnerabilities as ‘high risk’ and issued a list of affected software:
Apple iOS and iPadOS versions prior to 18.1.1
Apple iOS and iPadOS versions prior to 17.7.2
Apple macOS Sequoia versions prior to 15.1.1
Apple visionOS versions prior to 2.1.1
Apple Safari versions prior to 18.1.1
𝐒𝐭𝐚𝐲 𝐢𝐧𝐟𝐨𝐫𝐦𝐞𝐝 𝐰𝐢𝐭𝐡 𝐨𝐮𝐫 𝐥𝐚𝐭𝐞𝐬𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐛𝐲 𝐣𝐨𝐢𝐧𝐢𝐧𝐠 𝐭𝐡𝐞 WhatsApp Channel now! 👈📲
𝑭𝒐𝒍𝒍𝒐𝒘 𝑶𝒖𝒓 𝑺𝒐𝒄𝒊𝒂𝒍 𝑴𝒆𝒅𝒊𝒂 𝑷𝒂𝒈𝒆𝐬 👉 Facebook, LinkedIn, Twitter, Instagram
