In a significant cybersecurity alert, the Indian Government, through its Computer Emergency Response Team (CERT-In), has issued a high-risk warning to users of Apple devices, including iPhones, iPads, and MacBooks. This alert underscores the urgency for users to update their devices to mitigate potential cyber threats that could lead to unauthorized access and data theft.
The warning is grounded on the discovery of multiple vulnerabilities across various Apple operating systems and products. CERT-In has pinpointed the core issues within the iOS and iPadOS platforms, highlighting “improper input validation” in the Kernel and “improper state management” issues in WebKit, the engine powering the Safari browser. These technical loopholes present an opportunity for hackers to execute arbitrary code or even gain full control over the affected devices.
The vulnerabilities span a wide range of devices and software versions, including but not limited to iPhone 6s and newer models, several generations of iPad, MacBook, and even Apple Watch devices running on specific outdated versions of their respective operating systems. The Indian cybersecurity watchdog has classified these vulnerabilities as “high” severity, signaling a pressing need for immediate updates to safeguard personal and sensitive data.
Apple has responded to these vulnerabilities by rolling out updates, including iOS 15.7.7 and iPadOS 15.7.7 for older models, and iOS 16.5.1 and iPadOS 16.5.1 for newer devices. These updates aim to address the identified security gaps and enhance the protection against potential cyber-attacks.
CERT-In’s advisory extends beyond a simple call to update, offering comprehensive guidance on maintaining digital safety. Key recommendations include regularly checking for and installing software updates, using strong, unique passwords coupled with two-factor authentication, exercising caution with emails and links from unknown sources, and maintaining regular backups of important data.
This cybersecurity alert not only emphasizes the ongoing challenges in digital security but also serves as a critical reminder of the importance of staying vigilant and proactive in protecting digital identities and data. Users are urged to follow CERT-In’s guidance and update their devices promptly to avoid falling victim to potential cyber exploits.
