The Indian Computer Emergency Response Team (CERT-In) released a major security alert for Apple devices on March 15th. The warning details significant Apple vulnerabilities affecting iPhones, iPads, and other iOS devices.
Users are now being strongly advised to install the latest iOS and iPadOS security updates to safeguard their devices and data.
Here’s more information on the nature of the security alert, and how you can protect your devices from the vulnerabilities highlighted by the CERT-In.
CERT-In categorises the issue of “multiple vulnerabilities in Apple Products” as “high” under its severity rating. The warning pinpoints security flaws in a variety of iOS and iPadOS components.
CERT-In attributes these issues to "improper validation" within various components of iOS and iPadOS.
These include Bluetooth, media handling (libxpc, MediaRemote, Photos), web browsing (Safari & WebKit), and extensions. Additionally, privacy concerns also exist within parts like ExtensionKit, Messages, Share Sheet, core system memory and others.
The official website of CERT-In states that these vulnerabilities “could allow an attacker to execute arbitrary code, bypass security restrictions, disclose sensitive information, gain elevated privileges or cause denial of service condition on the target system.”
In other words, if exploited, attackers could potentially cause system crashes, execute malicious code on the device, access private user data, and circumvent Apple's built-in security measures.
These vulnerabilities have wide-ranging implications. Specifically, iOS and iPadOS versions earlier than 16.7.6 and 17.4 respectively, are vulnerable. This includes models such as the iPhone 8 series, older iPad Pro models, iPad Air (3rd generation and later), and iPad mini (5th generation and later).
Additionally, older versions of Apple operating systems like macOS, watchOS, and tvOS may also be at risk. Softwares affected include Apple visionOS (versions prior to 1.1), Apple tvOS versions prior to 17.4, Apple watchOS versions prior to 10.4.
To reduce the chance of your devices being compromised, users can follow certain measures.
Updates need to be prioritised and promptly installed as Apple frequently releases patches to address security issues.
Users need to exercise download caution by limiting your app downloads to the official App Store, as it offers better vetting than third-party sources.
Account security can be enhanced with strong passwords and enabling two-factor authentication (2FA) for an extra layer of protection.
It is also recommended to stay informed by keeping track of the latest security threats and vulnerabilities through resources like CERT-In and Apple's official security advisories.
By following these guidelines, Apple users can significantly reduce their devices' exposure to cyber attacks.
Also Watch: iQOO Neo 9 Pro 8GB+128GB storage variant launch announced, Check out price in India, offers & specs