[LINK] Government and CERT-In issue high severity alert for iOS, iPadOS and macOS users

[Stephen Loosley]

`
Government issues high severity warning for iOS, iPadOS and macOS users post iPhone 16 launch


Published 22 Sep 2024  https://www.livemint.com/technology/tech-news/government-issues-high-severity-warning-for-ios-ipados-and-macos-users-post-iphone-16-launch-11726996718377.html


CERT-In has issued a high severity alert for iOS, iPadOS, and macOS users following the iPhone 16 launch, highlighting multiple vulnerabilities that could allow attackers to access sensitive information and perform various malicious actions. 

Users are urged to update their software immediately.

[Photo caption: The new iPhone 16 is displayed during an announcement of new products at Apple headquarters.]

Computer Emergency Response Team (CERT-In), the cyber security watchdog under the Ministry of Electronics and Information Technology (MeitY), has issued a high severity alert for iOS, iPadOS and macOS users soon after the iPhone 16 launch. 

The warning suggests that multiple vulnerabilities have been reported in Apple products that could allow an attacker to access sensitive information of users. 


What can these vulnerabilities be used for? 

CERT-In warns that apart from accessing sensitive information, these vulnerabilities can be used by attackers to “execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges and perform spoofing attacks on the targeted system."


Who does the vulnerability affect? 

Apple iOS versions prior to 18 and iPadOS versions prior to 18

Apple iOS versions prior to 17.7 and iPadOS versions prior to 17.7

Apple macOS Sonoma versions prior to 14.7

Apple macOS Ventura versions prior to 13.7

Apple macOS Sequoia versions prior to 15

Apple tvOS versions prior to 18

Apple watchOS versions prior to 11

Apple Safari versions prior to 18

Apple Xcode versions prior to 16

Apple visionOS versions prior to 2


What should Apple users do? 

CERT-In states that these vulnerabilities have been fixed in the latest version of software updates by Apple and alerts the iOS, iPadOS, macOS, tvOS, watchOS, Safari, Xcode and visionOS users to update to the latest software update provided by the Cupertino based tech giant in order to stay secure. 

Notably, CERT-In had also also warned about the vulnerabilities in Google Chrome browser earlier this month. 

The agency stated that these vulnerability only affected users prior to 128.0.6613.119/.120 for Windows and macOS and in versions prior to 128.0.6613.119 for Linux.

--