Computer Emergency Response Team

• 05 Aug 2024

On 5th August, 2024, the Indian Computer Emergency Response Team (CERT-In) issued a high-severity warning for Apple users in India regarding significant software vulnerabilities on iPhones, iPads, and Macs, which could enable hackers to steal sensitive information.

• CERT-In has warned that vulnerabilities in various Apple products could expose users to security risks, including data theft and device compromise.
• Affected devices include iPhones and iPads running iOS and iPadOS versions prior to 17.6 and 16.7.9, respectively.
• Macs running macOS Sonoma versions earlier than 14.6, macOS Ventura versions before 13.6.8, and macOS Monterey versions below 12.7.6 are also vulnerable.
• Apple Watches with watchOS versions prior to 10.6, Apple TVs with tvOS versions before 17.6, and Vision Pro devices with visionOS versions earlier than 1.3 are at risk.
• The vulnerabilities could lead to sensitive information disclosure, denial of service, security bypass, spoofing attacks, arbitrary code execution, and cross-site scripting issues.
• CERT-In urges users to update their devices to the latest software versions to patch these vulnerabilities and secure their devices.
• Apple has issued alerts about "mercenary spyware attacks" targeting high-profile individuals worldwide, including those in India, with options to engage lockdown mode if a device is compromised.