CERT-In issues high-severity alert for Apple users over critical security flaws

India's Computer Emergency Response Team (CERT-In) has issued a high-severity alert for users of Apple devices, citing multiple critical vulnerabilities across key platforms including iOS, iPadOS, macOS, watchOS, tvOS, and visionOS, as per media reports.

The advisory warns that attackers could exploit these flaws to gain unauthorised access, steal sensitive data, execute arbitrary code, or even take full control of affected devices.

Also Read: Apple forms AI search team to rival ChatGPT and Perplexity

CERT-In, operating under the Ministry of Electronics and Information Technology (MeitY), revealed that outdated software versions - such as iOS versions before 18.6, iPadOS versions before 17.7.9 or 18.6, and macOS Sequoia versions earlier than 15.6 or Sonoma before 14.7.7 - are particularly vulnerable. Other impacted devices include Apple Watch, Apple TV, and Vision Pro if not updated to their latest firmware versions.

The vulnerabilities stem from a mix of technical issues like buffer overflows, logic errors, race conditions, and improper memory or privilege handling.

Alarmingly, these could be triggered by simple actions such as opening a malicious file or clicking a compromised link - making everyday users as well as enterprise systems potential targets.

"The impact could be severe, particularly for businesses relying on Apple infrastructure," said the advisory. Possible consequences include data breaches, operational disruptions, and reputational damage.

Also Read: Microsoft brings OpenAI’s new free GPT model into Windows 11 via AI

Apple has already released security patches and updates to address the identified threats. CERT-In strongly advises all users to immediately install the latest updates through system settings or Apple's official support channels to ensure device safety and prevent exploitation.

In addition to installing updates, CERT-In recommends basic cyber hygiene practices, including:

- Avoiding suspicious links or unsolicited links and attachments

- Not installing apps from unverified sources

- Monitoring devices for unusual activity

For organisations, swift patch deployment across all Apple hardware is essential, especially in sensitive sectors like finance, healthcare, and critical infrastructure.

Also Read: Tim Cook gifts Trump a 24K gold statue as Apple commits $100 billion more to ‘Make in USA’ push