The Indian Computer Emergency Response Team (CERT-IN) has issued a ‘high’ severity warning to users of various Apple products, including Macs, iPhones, iPads, and even the Apple Watch. They advise users to update their browsers as soon as possible to avoid hackers from executing arbitrary code and bypassing security measures.
Who Is Affected:
According to CERT-In, users on the following software versions are affected:
- Apple macOS Monterey versions prior to 12.7
- Apple macOS Ventura versions prior to 13.6
- Apple watchOS versions prior to 9.6.3
- Apple watchOS versions prior to 10.0.1
- Apple iOS versions prior to 16.7 and iPadOS versions prior to 16.7
- Apple iOS versions prior to 17.0.1 and iPadOS versions prior to 17.0.1
- Apple Safari versions prior to 16.6.1
How Do These Vulnerabilities Affect Users?
As noted by CERT-In, these security vulnerabilities exist in Apple products due to a certificate validation issue in the Security component, which was further reported to be an issue in the Kernel and an error in the WebKit component.
By exploiting these vulnerabilities, an attacker could potentially send specially crafted requests, leading to the execution of arbitrary code, escalation of privileges, or bypassing security restrictions on the targeted system.
Simply put, hackers may use these vulnerabilities to breach a device’s security and steal data or accomplish other malicious intents.
What Can You Do?
To stay safe from all aforementioned risks, users should update their Apple devices to the latest available updates as soon as possible. If your device is limited to a software version listed here, you should ideally consider switching to a more recent device for security reasons.