CERT-In warns of high-severity vulnerabilities in Apple products, urges immediate action
Apr 4, 2023, 11:24 IST
- CERT-In has issued an advisory for Apple users regarding multiple vulnerabilities that could potentially enable attackers to bypass Privacy preferences.
- The vulnerabilities affect Apple's Safari web browser, macOS versions before 13.3, and several components of Apple tvOS and watchOS.
- The agency advises users to upgrade to newer Apple tvOS and watchOS versions.
Advertisement
India's national nodal agency overseeing cybersecurity-related issues, CERT-In, has issued a crucial advisory for users of Apple products. The agency has discovered multiple vulnerabilities in Apple products that could potentially enable attackers to bypass Privacy preferences, execute arbitrary code with kernel privileges, gain access to sensitive information, and even spoof user interfaces on targeted systems. According to CERT-In, several vulnerabilities have been found in Apple's Safari web browser, specifically related to improper state management in the WebKit component. Hackers could exploit these flaws by tricking users into visiting malicious websites and extracting sensitive information. For Mac users, multiple vulnerabilities have been identified that could allow attackers to manipulate various applications and extract sensitive data due to memory issues, improper checks, and other issues.
These vulnerabilities are considered high-severity and affect systems running on macOS Ventura versions before 13.3, macOS Big Sur versions before 11.7.5, and macOS Monterey versions before 12.6.4. Additionally, multiple issues have been identified on Apple Watches and Apple TVs. CERT-In warns that these vulnerabilities exist in Apple tvOS and watchOS products due to flaws in several components, including Identity Services, Podcasts, and WebKit.
These vulnerabilities could allow attackers to bypass privacy preferences, execute arbitrary code with kernel privileges, and even spoof user interfaces on targeted systems if exploited.
What should users do?
To safeguard against the vulnerabilities identified by CERT-In, users are strongly advised to update their software versions. Mac users should also upgrade to the latest macOS version to ensure their systems are secure.
Advertisement
For Apple Watches and Apple TVs, users are urged to upgrade to the newest versions of tvOS and watchOS to protect against the identified vulnerabilities. These updates provide important security patches to prevent potential exploitation by attackers.
SEE ALSO:
ChatGPT alternative comes to iPhone with Perplexity, offering its own AI assistant on iOS
Step-by-Step Guide: How to Get Verified on Facebook and Instagram with Meta Verified in India