New Delhi: The centre-run Computer Emergency Response Team (CERT-In) has warned users of Apple devices by issuing a “high” security risk alert. In an official statement, the CERT-In warns of several vulnerabilities that the smartphone contains.
The CERT-In, which is India’s Ministry of Electronics and Information Technology cautioned that the user’s privacy is at a huge risk of being imfringed if the if is left untreated as it could allow unauthorized access to phone and theft of sensitive data.
CERT-In has warned that the WebKit browser used by Safari and other browsers has serious security holes that could have serious consequences for users of Apple devices such as the iPhone and Apple Watch.
These vulnerabilities allow attackers to trick users into visiting malicious websites or opening malicious attachments. This can further give bad actors access to a user’s personal data and files, and even the ability to install malware on a user’s device.
In other words, users of Apple devices are at risk of having their personal information stolen or their devices infected with malware if they do not monitor which links they click or which attachments they open. CERT-In notes that “these vulnerabilities are exploited in the wild against iOS versions prior to iOS 16.7.”
Here is a list of Apple devices affected by the vulnerability.
Apple macOS Monterey versions 12.7
Apple macOS Ventura versions 13.6
Apple watchOS versions 9.6.3
Apple watchOS versions 10.0.1
iPadOS versions before 16.7 and Apple iOS versions before 16.7
iPadOS versions before 17.0.1 and Apple iOS versions before 17.0.1
Apple Safari versions 16.6.1
According to the national agency responsible for monitoring cybersecurity issues for various software publications, it is highly recommended that people concerned about the security of their personal information install the latest updates for watchOS, tvOS and macOS on their Apple devices.
If software vulnerabilities in Apple watches, TVs, iPhones and MacBooks are not patched, these devices could be exposed to unauthorized, malicious actors. Apple has also provided the necessary updates to resolve this issue on the official website cert-in.org.in. In addition, Apple iPhone, iPad and WatchOS users will benefit from the latest software version, which includes advanced security features and hardware improvements.