Alert: Your Apple Device May Now Be Vulnerable To Cyberattacks
The Indian Computer Emergency Response Team has warned of high-risk security vulnerabilities to iOS, iPadOS, macOS and more.
While you’ve been watching Apple release its news range of iPhone 16 devices, along with a slew of operating system upgrades, all last week, you might have missed something more critical. If you’re using some older versions of Apple operating system, your device may be vulnerable to different forms of cyberattacks.
The Indian Computer Emergency Response Team, under the Ministry of Electronics and Information Technology, has released a “high-severity” warning regarding vulnerabilities discovered in several Apple products. Various Apple software versions, including iOS, iPadOS, macOS, watchOS and visionOS, are impacted by the CERT-In advisory.
The advisory covers:
iOS versions prior to 18 and 17.7.
iPadOS versions prior to 18 and 17.7.
macOS Sequoias versions prior to 15.
visionOS versions prior to 2.
watchOS versions prior to 11.
macOS Sonoma versions prior to 14.7.
macOS Ventura versions prior to 13.7.
tvOS versions prior to 18.
Safari versions prior to 18.
Xcode versions prior to 16.
Notably, Apple debuted the iPhone 16 on Sept. 9, which went available starting Sept. 20. The company last week also released software updates to most of its OS, such as iOS, macOS, iPadOS, watchOS, visionOS and tvOS.
The vulnerabilities reported in Apple products could allow an attacker to access users’ sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service conditions, bypass authentication, gain elevated privileges and perform spoofing attacks on targeted systems, according to the advisory.
Here’s a breakdown of potential impact to Apple products:
Apple iOS and iPadOS versions prior to 18 or 17.7 could face DoS conditions, security restriction bypass, information disclosure and cross-site scripting.
macOS Sonoma versions prior to 14.7, Ventura versions prior to 13.7 and Sequoia versions prior to 15 may experience DoS, data manipulation, security restriction bypass, information disclosure, spoofing, elevation of privilege and cross-site scripting.
tvOS versions prior to 18 and watchOS versions prior to 11 face similar risks of DoS, information disclosure, security restriction bypass and cross-site scripting.
Safari and Xcode versions prior to 18 and 16, respectively, are vulnerable to similar risks.
visionOS versions prior to 2 may be at risk of DoS, data manipulation, security restriction bypass and information disclosure.
To reduce the risks, users are advised to update the software on their Apple devices to the most recent versions. It is also advised that users make sure appropriate cybersecurity safeguards are in place and keep an eye out for any suspected activity on their devices.
However, the latest versions of Apple OS haven’t been free of problems too. Apple’s macOS Sequoia, its latest desktop OS update, had last week reportedly disrupted the functionality of security tools created by providers such as CrowdStrike, Microsoft and SentinelOne, among others.
Users reported their Mac breakdowns post the latest OS update, problems with security products on the most recent macOS, and issues with DNS and firewall configuration on Mac.
