CERT-In issues high-risk warning for Apple users: Here's how to deal with this critical vulnerability

The identified vulnerability impacts a wide range of Apple software and hardware, including various versions of Apple Safari, macOS Ventura, macOS Sonoma, visionOS, iOS, and iPadOS.

Author
Mayank Kasyap
Follow us:
Courtesy: Flickr

New Delhi: The Indian Computer Emergency Response Team (CERT-In) has issued a "high-risk" security advisory concerning users of Apple's iPhones, MacBooks, iPads, and Vision Pro headsets. The advisory draws attention to a critical vulnerability associated with "remote code execution" across various Apple products, posing a significant security risk to users.

Impact of vulnerability

The identified vulnerability impacts a wide range of Apple software and hardware, including various versions of Apple Safari, macOS Ventura, macOS Sonoma, visionOS, iOS, and iPadOS. The flaw allows remote attackers to execute arbitrary code on targeted systems, posing a serious threat to user data and device security.

Vulnerable devices, software versions

Users of iPhone XS, iPad Pro series, iPad Air, iPad, and iPad mini running iOS and iPadOS versions prior to 17.4.1 are at risk. Additionally, users of iPhone 8 series, iPhone X, and certain iPad models must ensure their devices are updated to iOS and iPadOS versions 16.7.7 or later to mitigate the vulnerability.

MacBook users should update their systems to protect against the vulnerability, particularly those with macOS Ventura and macOS Sonoma versions prior to 13.6.6 and 14.4.1, respectively. Similarly, owners of the Apple Vision Pro headset should be cautious, as visionOS versions prior to 1.1.1 are vulnerable to exploitation.

Precautionary measures

To safeguard against potential compromises, CERT-In recommends the following precautionary measures:

  1. Software Updates: Ensure that Apple iOS, iPadOS, macOS, and visionOS are updated to the latest versions containing security patches.

  2. Network Security: Avoid connecting to unsecured or public Wi-Fi networks to minimize the risk of unauthorized access to devices and data.

  3. Two-Factor Authentication (2FA): Implement 2FA to enhance security by requiring an additional verification step for accessing accounts and devices.

  4. Download from Trusted Sources: Only download apps and software from reputable sources such as the Apple App Store to reduce the risk of downloading malicious software.

  5. Regular Backups: Backup critical data regularly to mitigate the impact of potential security breaches or system failures.

By following these measures, Apple users can enhance the security of their devices and protect themselves against potential security threats posed by the identified vulnerability.