Centre warns Apple users of ‘high-risk’ security flaws in iPhones, other devices

Users are also advised to monitor their devices for any unusual activity and ensure proper cybersecurity measures are in place.

New Delhi: The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk warning concerning multiple vulnerabilities found in several Apple products. This comes days after the American technology giant launched its much-awaited iPhone series in India. The advisory concerns a wide range of Apple software versions, including iOS, iPadOS, macOS, watchOS and visionOS.

To mitigate the risks, the CERT-In has asked the users to update their Apple devices to the latest versions of software. Users are also advised to monitor their devices for any unusual activity and ensure proper cybersecurity measures are in place.

CERT-In’s advisory outlines the affected Apple products as follows:

  • iOS: Versions prior to 18 and 17.7
  • iPadOS: Versions prior to 18 and 17.7
  • macOS Sonoma: Versions prior to 14.7
  • macOS Ventura: Versions prior to 13.7
  • macOS Sequoia: Versions prior to 15
  • tvOS: Versions prior to 18
  • watchOS: Versions prior to 11
  • Safari: Versions prior to 18
  • Xcode: Versions prior to 16
  • visionOS: Versions prior to 2

What are the key risks and its impacts?

  • The vulnerabilities are rated as “high” risk and, if exploited, could allow attackers to:
  • Gain unauthorised access to sensitive information
  • Execute arbitrary code on the device
  • Bypass critical security restrictions
  • Cause denial-of-service (DoS) conditions
  • Elevate privileges to gain control over the system
  • Perform spoofing attacks
  • Engage in cross-site scripting (XSS) attacks

Potential Impacts by Product

Those who are using iOS and iPadOS with iOS versions prior to 18 or 17.7 could face DoS attacks, information disclosure, and security restriction bypassing, according to the advisory

The macOS (Sonoma, Ventura, Sequoia) users who are using the older versions of macOS may experience data manipulation, DoS, privilege elevation, and cross-site scripting.

tvOS and watchOS: These products face similar risks of DoS attacks, XSS vulnerabilities, and information disclosure.

Safari and Xcode: Older versions could be vulnerable to spoofing and security restriction bypassing.

visionOS: Users may be at risk of data manipulation, DoS and information disclosure.




FOLLOW US ON GOOGLE NEWS

Read original article here

Denial of responsibility! Todays Chronic is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – todayschronic.com. The content will be deleted within 24 hours.

Leave a Comment