High-risk warning issued for Apple users | Check Details
New Delhi: The Indian Computer Emergency Response Team (CERT-In) has issued a 'high-risk' warning for users of Apple products, including iPhones, MacBooks, iPads and Vision Pro headsets. This advisory comes in response to a critical vulnerability identified in connection to 'remote code execution' affecting various Apple software and hardware components.
The vulnerability, deemed highly significant, poses a serious threat as it enables remote attackers to execute arbitrary code on targeted systems. This exploit leverages an out-of-bounds write issue present in WebRTC and CoreMedia, effectively compromising devices remotely.
The affected products include a range of Apple software and hardware versions. Prior versions of Apple Safari, macOS Ventura, macOS Sonoma, visionOS, iOS, and iPadOS are susceptible to this vulnerability. Users of specific iPhone and iPad models, such as iPhone XS, iPad Pro, iPad Air, and iPad mini, are particularly at risk if their devices run on outdated versions of iOS and iPadOS. Similarly, MacBook users using earlier versions of macOS Ventura and macOS Sonoma, along with Apple Vision Pro headset users with outdated visionOS versions, face potential security threats.
/ptc-news/media/media_files/Y0ItuQvXNld64RgHHVo6.jpg)
To mitigate the risks associated with this vulnerability, CERT-In recommends several precautionary measures
Firstly, users are urged to ensure that their Apple iOS, iPadOS, macOS, and visionOS systems are updated to the latest versions containing the necessary security patches. Regular software updates are essential to address known vulnerabilities and enhance overall system security.
Secondly, users should exercise caution when connecting to Wi-Fi networks, especially those that are unsecured or public. By avoiding such networks or using Virtual Private Network (VPN) services, users can minimise the risk of unauthorised access to their devices and sensitive information.
Also Read | Why Vistara passengers facing flight delays and cancellations?
Also Read | Maximum temperatures from April to June likely to surpass normal levels: IMD
Also Read | China renames 30 places in Arunachal Pradesh amid escalating tensions
Also Read | Why Katchatheevu island dispute has resurfaced ahead of 2024 Lok Sabha elections? Explained
Thirdly, implementing Two-Factor Authentication (2FA) adds an extra layer of security against potential credential compromises. Enabling 2FA helps prevent unauthorised access to user accounts, even if login credentials are compromised.
Moreover, users are advised to download apps and software only from trusted sources such as the Apple App Store. By avoiding third-party app stores and unverified sources, users can reduce the risk of downloading malicious software or apps containing malware.
Lastly, it is crucial for users to regularly back up important data stored on their devices. By maintaining up-to-date backups, users can safeguard their data against potential loss resulting from security breaches, system failures, or other unforeseen events.
-
