Critical vulnerabilities found in Apple devices, users should update immediately
What's the story
The Indian Computer Emergency Response Team (CERT-In) has flagged multiple vulnerabilities in Apple products, warning that they could allow attackers to bypass security measures and steal your sensitive data.
In an advisory issued Tuesday, CERT-In cautioned that these flaws could also enable attackers to bypass authentication, escalate privileges, manipulate data, and carry out spoofing attacks on targeted systems.
Concerns
macOS, iOS, and iPadOS devices at risk: CERT-In
The identified vulnerabilities stem from issues like null pointer dereference, type confusion, use-after-free errors, out-of-bounds access, improper file handling, and flawed parsing.
Other concerns include inadequate input validation, exposure of sensitive data, race conditions, buffer overflows, and path handling flaws.
According to CERT-In, "the target audience could be individuals and organisational users of macOS, iOS, and iPadOS devices."
Solution
Patch vulnerabilities before they are exploited
CERT-In's report follows Apple's latest OS rollout for its devices.
The nodal agency advises users to update their devices regularly or enable automatic updates to patch vulnerabilities before they can be exploited.
For major updates such as iOS 18.3, it's recommended to stay connected to Wi-Fi and keep the device charging to ensure a smooth installation.