Sunday, December 29, 2024
Advertisement
  1. You Are At:
  2. News
  3. Technology
  4. CERT-In identifies serious security risks in Apple products, suggests IMMEDIATE software update

CERT-In identifies serious security risks in Apple products, suggests IMMEDIATE software update

The Indian Computer Emergency Response Team (CERT-In) has issued a warning to Apple users in India, pointing out multiple vulnerabilities in Apple products such as iPhones, iPads, Macs, and more- Which could lead to sensitive information leaks, arbitrary code execution, and more.

Written By: Saumya Nigam @snigam04 New Delhi Published : Aug 04, 2024 14:33 IST, Updated : Aug 04, 2024 14:33 IST
Apple, tech news
Image Source : FILE Apple users facing multiple vulnerabilities and need to update software IMMEDIATELY

The Indian Computer Emergency Response Team (CERT-In) has issued a ‘severe’ warning to Apple users in India, highlighting multiple vulnerabilities in Apple products like iPhones, iPads, Macs and more. These vulnerabilities are expected to head on to sensitive information leaks, arbitrary code execution, denial of service (DoS) attacks, security bypasses and spoofing attacks.

Affected Apple products

As per the advisory which was dated August 2 (2024), several Apple software versions have been affected. Specifically, the vulnerabilities impacting:

  • iOS and iPadOS: Versions before 17.6 and 16.7.9
  • macOS Sonoma: Versions before 14.6
  • macOS Ventura: Versions before 13.6.8
  • macOS Monterey: Versions before 12.7.6
  • watchOS: Versions earlier than 10.6
  • tvOS: Versions earlier than 17.6
  • visionOS: Versions before 1.3
  • Safari: Versions before 17.6

CERT-In strongly urges Apple users to apply the necessary software updates provided by Apple to mitigate these risks. Despite the warning, Apple has not officially confirmed any security risks related to these vulnerabilities from their side.

Mercenary Spyware Threats

For these vulnerabilities, Apple has been sending alerts to users in over 150 countries, including India, about potential ‘mercenary spyware attacks’. 

These attacks are similar to the infamous Pegasus spyware developed by the NSO Group and aim to remotely compromise iPhones. 

Apple's notifications are further intended to inform users about these sophisticated spyware threats, which are more advanced than typical cybercriminal activities or consumer-grade malware. Prominent individuals like Iltija Mufti, the media adviser and daughter of former Jammu and Kashmir chief minister Mehbooba Mufti, and Pushparaj Deshpande, founder of the Samruddha Bharat Foundation, have publicly acknowledged receiving alerts from Apple regarding potential hacks on their phones.

Official responses and user guidance from CRET-In

The Ministry of Electronics and Information Technology (MeitY) and Apple have not yet responded to queries regarding these security issues. Meanwhile, CERT-In continues to closely monitor the situation and advises users to stay informed and apply the latest security patches as they become available. This proactive approach is crucial to safeguarding against evolving threats from these vulnerabilities and potential spyware attacks.

Apple's threat notification emphasizes that these mercenary spyware attacks are exceedingly rare but highlights the need for users to be vigilant and keep their devices updated to protect against these risks.

ALSO READ: TRAI revolutionizes mobile services: compensation for network interruptions now guaranteed

Advertisement

Read all the Breaking News Live on indiatvnews.com and Get Latest English News & Updates from Technology

Advertisement
Advertisement
Advertisement
Advertisement