Moneycontrol
    Moneycontrol PRO
    LAMF
    LAMF

    Your iPhone, iPad and Mac security is at risk: Indian government issues high severity warning for these devices

    The advisory affects several Apple products, including iPhones, iPads, and Macs, and urges users to update their devices to the latest software versions.
    Moneycontrol News
    November 25, 2024 / 13:24 IST
    Apple

    CERT-In has issued a high-severity advisory warning users of Apple devices about multiple vulnerabilities that could allow attackers to execute arbitrary code or perform cross-site scripting (XSS) attacks. The advisory affects several Apple products, including iPhones, iPads, and Macs, and urges users to update their devices to the latest software versions.

    Vulnerability details

    Two vulnerabilities have been identified:

    Arbitrary Code Execution Vulnerability (CVE-2024-44308)

    This issue exists in JavaScriptCore, which is used by Apple’s Safari browser and other applications to process JavaScript. Attackers can exploit the vulnerability by sending malicious web content, enabling them to execute arbitrary code on affected devices.

    Cross-Site Scripting Vulnerability (CVE-2024-44309)

    This vulnerability affects WebKit, the engine powering Safari and other web content on Apple devices. It can be exploited through malicious web content, leading to cross-site scripting attacks.

    CERT-In has noted the possibility of actively exploiting these vulnerabilities, particularly on Intel-based Mac systems.

    Affected devices

    The vulnerabilities affect the following Apple products:

    Apple iOS and iPadOS versions prior to 18.1.1 and 17.7.2

    Apple macOS Sequoia versions prior to 15.1.1

    Apple visionOS versions prior to 2.1.1

    Apple Safari versions prior to 18.1.1

    Users of Intel-based Macs, iPhones, and iPads are at high risk.

    What users should do

    CERT-In recommends updating affected devices to the latest software versions to mitigate the risks.

    iPhone and iPad users should install iOS 18.1.1 or iOS 17.7.2.

    Mac users should update to macOS Sequoia 15.1.1.

    visionOS users should upgrade to version 2.1.1.

    Safari users should ensure they are using version 18.1.1.

    Keeping devices updated with the latest patches can help protect against unauthorised access, data theft, and system compromise. Apple users should apply these updates immediately to secure their devices.

    Invite your friends and family to sign up for MC Tech 3, our daily newsletter that breaks down the biggest tech and startup stories of the day

    Moneycontrol News

    Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!

    Subscribe to Tech Newsletters

    • On Saturdays

      Find the best of Al News in one place, specially curated for you every weekend.

    • Daily-Weekdays

      Stay on top of the latest tech trends and biggest startup news.

    Advisory Alert:

    It has come to our attention that certain individuals are representing themselves as affiliates of Moneycontrol and soliciting funds on the false promise of assured returns on their investments. We wish to reiterate that Moneycontrol does not solicit funds from investors and neither does it promise any assured returns. In case you are approached by anyone making such claims, please write to us at grievanceofficer@nw18.com or call on 02268882347