CERT-In warns of high-severity vulnerabilities in Apple products, urges immediate action

• CERT-In has issued an advisory for Apple users regarding multiple vulnerabilities that could potentially enable attackers to bypass Privacy preferences.
• The vulnerabilities affect Apple's Safari web browser, macOS versions before 13.3, and several components of Apple tvOS and watchOS.
• The agency advises users to upgrade to newer Apple tvOS and watchOS versions.

India's national nodal agency overseeing cybersecurity-related issues, CERT-In, has issued a crucial advisory for users of Apple products. The agency has discovered multiple vulnerabilities in Apple products that could potentially enable attackers to bypass Privacy preferences, execute arbitrary code with kernel privileges, gain access to sensitive information, and even spoof user interfaces on targeted systems.

According to CERT-In, several vulnerabilities have been found in Apple's Safari web browser, specifically related to improper state management in the WebKit component. Hackers could exploit these flaws by tricking users into visiting malicious websites and extracting sensitive information. For Mac users, multiple vulnerabilities have been identified that could allow attackers to manipulate various applications and extract sensitive data due to memory issues, improper checks, and other issues.

These vulnerabilities are considered high-severity and affect systems running on macOS Ventura versions before 13.3, macOS Big Sur versions before 11.7.5, and macOS Monterey versions before 12.6.4. Additionally, multiple issues have been identified on Apple Watches and Apple TVs. CERT-In warns that these vulnerabilities exist in Apple tvOS and watchOS products due to flaws in several components, including Identity Services, Podcasts, and WebKit.

These vulnerabilities could allow attackers to bypass privacy preferences, execute arbitrary code with kernel privileges, and even spoof user interfaces on targeted systems if exploited.
What should users do?
To safeguard against the vulnerabilities identified by CERT-In, users are strongly advised to update their software versions. Mac users should also upgrade to the latest macOS version to ensure their systems are secure.

For those curious about the specifics of these new updates, click $4 to read more about the latest software updates from Apple.

For Apple Watches and Apple TVs, users are urged to upgrade to the newest versions of tvOS and watchOS to protect against the identified vulnerabilities. These updates provide important security patches to prevent potential exploitation by attackers.

SEE ALSO:
$4
$4