The government issues an urgent warning to Apple users: Serious vulnerabilities found on iPhone, Mac and Safari
Apple device users have been warned of serious security risks by the Computer Emergency Response Team (CERT-In). The advisory issued on November 21, 2024 highlights critical vulnerabilities that could impact the security of iPhones, iPads, Macs, and the Safari browser. Given the potential for cybercriminals to exploit these vulnerabilities, CERT-In has urged users to update their devices promptly to avoid the risk of data theft or unauthorized access.
Key vulnerabilities have been identified
This advisory identifies two primary vulnerabilities affecting Apple products: Execution Vulnerability (CVE-2024-44308) and Cross-Site Scripting (XSS) Vulnerability (CVE-2024-44309). The former, found in the JavaScriptCore component, impacts Safari and other applications that depend on JavaScript. Cyber attackers could exploit this vulnerability by injecting malicious web content to execute arbitrary code on affected devices. The second vulnerability resides in WebKit, the engine that powers Safari and other web content on Apple devices. This issue opens the possibility for attackers to enable XSS attacks, where malicious content can manipulate user sessions or steal sensitive information.
Also read: Key iOS 19 features leaked, could bring ChatGPT-like Siri and more advanced features
Device is at risk
These vulnerabilities primarily affect devices running Intel-based systems, including macOS, iOS, and iPadOS. CERT-In’s warning indicates that cybercriminals could exploit these issues to gain unauthorized access, manipulate data or deny service, causing serious consequences for users.
Also read: 5 WhatsApp features you must try to improve chats, video calls, and organization in 2024
How to protect your device
To deal with the risks, CERT-In strongly recommends that Apple users take immediate action by updating to the latest software versions. Specifically, users should upgrade iPhone and iPad to iOS 18.1.1 or iOS 17.7.2, depending on their device version. For Mac users, the update to macOS Sequoia 15.1.1 is important, while those using Apple VisionOS should update to version 2.1.1. Additionally, Safari users must upgrade to version 18.1.1.
Also read: Spotify Wrapped 2024: When it drops, how to access it, and how to manage your experience
Government advice emphasizes the importance of keeping security patches up to date to protect personal data and prevent unauthorized device control. As cyber threats continue to evolve, it is important for Apple users to prioritize these updates and maintain a proactive approach to security.
