Government issues urgent warning for Apple users: Critical vulnerabilities found in iPhones, Macs, and Safari

Apple device users have been alerted to severe security risks by the Computer Emergency Response Team (CERT-In). The advisory, issued on November 21, 2024, highlights critical vulnerabilities that can compromise the security of iPhones, iPads, Macs, and Safari browsers. With the possibility of cybercriminals exploiting these flaws, CERT-In has urged users to update their devices promptly to avoid potential data theft or unauthorised access.

Key Vulnerabilities Identified

The advisory identifies two key vulnerabilities affecting Apple products: an Execution Vulnerability (CVE-2024-44308) and a Cross-Site Scripting (XSS) vulnerability (CVE-2024-44309). The former, found in the JavaScriptCore component, impacts Safari and other applications reliant on JavaScript. Cyber attackers can exploit this flaw by injecting harmful web content to execute arbitrary code on affected devices. The second vulnerability lies in WebKit, the engine that powers Safari and other web content on Apple devices. This issue opens up the potential for attackers to trigger XSS attacks, where malicious content can manipulate user sessions or steal sensitive information.

Also read: iOS 19 major feature leaked, may bring ChatGPT-like Siri and more advanced features

Devices at Risk

These vulnerabilities primarily affect devices running Intel-based systems, including macOS, iOS, and iPadOS. CERT-In's warning indicates that cybercriminals could exploit these issues for unauthorised access, data manipulation, or denial of service, with serious consequences for users.

Also read: 5 WhatsApp features you must try to enhance chats, video calls, and organization in 2024

How to Protect Your Device

In response to the risks, CERT-In strongly recommends that Apple users take immediate action by updating to the latest software versions. Specifically, users should upgrade iPhones and iPads to iOS 18.1.1 or iOS 17.7.2, depending on their device version. For Mac users, the update to macOS Sequoia 15.1.1 is critical, while those using Apple visionOS should update to version 2.1.1. Additionally, Safari users must upgrade to version 18.1.1.

Also read: Spotify Wrapped 2024: When It drops, how to access It, and how to curate your experience

The government advisory emphasises the importance of staying up to date with security patches to safeguard personal data and prevent unauthorised control of devices. As cyber threats continue to evolve, it's crucial for Apple users to prioritise these updates and maintain a proactive approach to security.