India govt issues ‘high’ severity warning for Apple iPhone, iPad and MacBook users

Indian government's Computer Emergency Response Team (CERT-In) has issued a high severity warning for multiple Apple products that could affect users of iPhone, iPad, Vision Pro, MacBook, Apple Watch and Apple TV. The central agency stated that multiple vulnerabilities have been found in various Apple software and also provided a possible solution.

In a latest release about vulnerabilities in Apple products, CERT-IN stated, "Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) and perform spoofing attacks on the targeted system."

What software is affected by the latest leak?

Apple iOS versions prior to 17.6 and iPadOS versions prior to 17.6

Apple iOS versions prior to 16.7.9 and iPadOS versions prior to 16.7.9

Apple macOS Sonoma versions prior to 14.6

Apple macOS Ventura versions prior to 13.6.8

Apple macOS Monterey versions prior to 12.7.6

What does Indian govt suggest?

CERT-In suggests that Apple has already fixed these problems in its latest security updates and thus urges the users to update to the appropriate security update in order to secure their device.

In May CERT-In had issued a similar warning for Safari browser, Vision Pro, MacBooks and Apple Watch users, highlighting a vulnerability that could be exploited by a potential attacker. It had then said that these vulnerabilities exist for a number of reasons, including improper validation in Bluetooth, MediaRemote, Photos, Safari and Webkit components. There are also privacy-related issues in ExtensionKit, Share Sheet, memory corruption, lock screen and timing side channel.