Apple iPhone users have been warned about several high-risk security flaws that pose a threat to their devices and could steal confidential data. A warning has been issued by the Indian government for several iPhone models, and advised them to update their devices to the latest version of iOS software update.
Center’s warning to Apple iPhone users
The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk security alert against multiple vulnerabilities found in Apple iPhone models. According to the warning, hackers can exploit these security-related vulnerabilities to gain access to sensitive information, launch a denial of service (DoS), and execute arbitrary code on the device.
Apple is affected by software vulnerabilities
The vulnerabilities affect a range of Apple products, including iPhones, iPads, Macs and Watches. Here is a list of Apple software affected by the vulnerabilities.
iPhones with iOS versions prior to 17.2 and 16.7.3 are affected, while iPads with iPadOS versions prior to 17.2 and 16.7.3 are affected. Meanwhile, Apple Macs with macOS Sonoma versions before 14.2, Monterey versions before 12.7.2, and Ventura versions before 13.6.3. The vulnerabilities affect Apple TV, Watch, and Safari users with versions older than 17.2 tvOS, 10.2 watchOS, and 17.2 Safari.
What are the risks?
Many of the vulnerabilities found would allow cyber criminals or hackers to perform the following malicious activities:
Steal sensitive data: Hackers can exploit these vulnerabilities to gain access to sensitive information such as user personal data, passwords, photos, or records of financial transactions or stored bank account details.
Gain elevated privileges: Hackers can increase their access level.
Take control of your devices: They can take over your phone by bypassing authentication and installing malicious code containing malware, and use it for nefarious activities.
Disrupt services: They can also carry out DoS attacks that can make your device inaccessible or unusable.
Bypass security restrictions: They can gain access to your device by bypassing the security restrictions of iPhone or other Apple devices.
What safety measures should be taken?
To stay safe from hackers, CERT-In advises Apple iPhone users running the mentioned versions or iPad, Mac and Apple Watch users to update their software to the latest version as soon as possible.
Here are some safety measures you can take:
Update your iPhone, iPad, Mac, or Apple Watch to the latest software with security patches. Note that CVE-2023-42916 and CVE-2023-42917 are being actively exploited.
Set up two-factor authentication and a strong password for your Apple device.
You can download software updates manually or enable automatic updates to receive future security patches as soon as they are released.
Do not click on suspicious links or attachments as these may exploit these vulnerabilities.
