News Brief
India's Cybersecurity Agency Flags 'High-Risk' Vulnerability In Apple Products: Here's All You Need To Know
Kuldeep Negi
Apr 03, 2024, 02:32 PM | Updated 02:36 PM IST
Save & read from anywhere!
Bookmark stories for easy access on any device or the Swarajya app.
India's cybersecurity agency has issued a high risk warning for users of Apple's iPhones, MacBooks, iPads, and Vision Pro headsets.
The advisory, issued by Indian - Computer Emergency Response Team (CERT-In), highlights a critical vulnerability, identified in connection to "remote code execution" in various Apple products.
The vulnerability affects a range of Apple software and hardware, including Apple Safari versions prior to 17.4.1, Apple macOS Ventura versions prior to 13.6.6, Apple macOS Sonoma versions prior to 14.4.1, Apple visionOS versions prior to 1.1.1, Apple iOS and iPadOS versions prior to 17.4.1, and Apple iOS and iPadOS versions prior to 16.7.7.
This vulnerability poses a significant threat as it allows remote attackers to execute arbitrary code on the targeted systems.
The exploit leverages an out-of-bounds write issue in WebRTC and CoreMedia, enabling attackers to compromise devices remotely.
Devices at risk include iPhone XS, iPad Pro (12.9-inch, 10.5-inch, and 11-inch), iPad Air, iPad, iPad mini with iOS and iPadOS versions earlier than 17.4.1, and iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro (9.7-inch, and 12.9-inch 1st generation) with iOS and iPadOS versions earlier than 16.7.7.
Additionally, MacBooks with macOS Ventura versions before 13.6.6 and macOS Sonoma versions before 14.4.1, and Apple Vision Pro headsets with visionOS versions before 1.1.1, are vulnerable.
CERT-In advises updating to the latest versions of iOS, iPadOS, macOS, and visionOS with security patches. It recommends avoiding unsecured or public Wi-Fi networks, enabling Two-Factor Authentication (2FA), downloading apps only from trusted sources like the Apple App Store, and regularly backing up data to prevent data loss from security breaches or system failures.
Save & read from anywhere!
Bookmark stories for easy access on any device or the Swarajya app.
Kuldeep is Senior Editor (Newsroom) at Swarajya. He tweets at @kaydnegi.
Introducing ElectionsHQ + 50 Ground Reports Project
The 2024 elections might seem easy to guess, but there are some important questions that shouldn't be missed.
Do freebies still sway voters? Do people prioritise infrastructure when voting? How will Punjab vote?
The answers to these questions provide great insights into where we, as a country, are headed in the years to come.
Swarajya is starting a project with an aim to do 50 solid ground stories and a smart commentary service on WhatsApp, a one-of-a-kind. We'd love your support during this election season.
Click below to contribute.