1 week Ago By Kahekashan
The Indian government has sounded an alarm for Apple users across the country.The Indian Computer Emergency Response Team (CERT-In), under the Ministry ofElectronics and Information Technology, has issued a high-risk security alertwarning Apple device owners about multiple critical vulnerabilities. Theseflaws could allow cybercriminals to steal personal data, hijack devices, ordisrupt normal operations.
This warning applies to a wide range of Apple products — including iPhones,iPads, MacBooks, Apple TVs, and even the Apple Vision Pro. According toCERT-In, these vulnerabilities pose a serious threat to both individual usersand organizations using Apple hardware and software. If not patched, theseweaknesses could enable attackers to run malicious code, bypass securitysettings, access sensitive files, escalate system privileges, or even launchspoofing and denial-of-service (DoS) attacks.
The agency has documented its findings in vulnerability note CIVN-2025-0071.Users running older software versions are particularly at risk. CERT-Instrongly recommends updating all Apple devices immediately to the latestavailable versions.
Delaying these updates could leave users open to severesecurity breaches or data loss. Here are the affected software versions as mentioned in the advisory: iOS and iPadOS: Versions before18.4, 17.
7.6, 16.7.
11, and 15.8.4 macOS: Sequoia before 15.
4,Sonoma before 14.7.5, and Ventura before 13.
7.5 tvOS: Versions prior to 18.4 visionOS: Versions earlier than2.
4 Safari browser: Versions before18.4 Xcode: Versions prior to 16.3 CERT-In has emphasized the high severity of these vulnerabilities, notingthat they arise due to coding errors and flaws in Apple’s softwarearchitecture.
The risks include: Type Confusion: When the systemmisinterprets the type of data, leading to system instability. Use-After-Free: A flaw wherepreviously deleted memory is reused, opening doors for malicious access. Out-of-Bounds Reads/Writes:Allowing access to memory regions outside the allocated space, potentiallyexposing sensitive data.
Improper Input Validation:Where the system fails to check user input thoroughly, creating a backdoor forattackers. Buffer Overflows: Caused bydata overloading, which can crash or corrupt systems. Path Handling Issues: Securityloopholes in how file paths are processed by the system.
What makes these flaws even more concerning is that many can be exploitedremotely without any physical access to the device. This means hackers couldpotentially target users simply through malicious links, apps, or compromisedwebsites. In light of this, Apple users are strongly advised to check for softwareupdates immediately and apply them without delay.
Staying updated is the mosteffective defense against emerging cybersecurity threats — especially whenthose threats come with a high-severity label from a national cybersecurityauthority. How to Update Your Apple Devices To keep your Apple devices protected, make sure they’re running the latest software. Here’s how you can check for updates: • iPhone or iPad: Open the Settings app, tap General, then select Software Update.
• Mac: Click on the Apple menu, go to System Settings, then General, and select Software Update. • Apple TV and Other Devices: Head to the Settings menu and look for the System Update option. Apple also recommends turning on automatic updates.
This ensures your device installs important security patches and improvements as soon as they’re available..
