Govt issues security alert to iPhone, MacBook and Apple Watch users in India

The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk alert for Apple device users in India. The alert applies to iPhone, MacBook, Apple Watch, Safari, and VisionOS users. CERT-In has issued the alert for the following versions of Apple software: iOS and iPadOS versions prior to 17.6 and 16.7.9, macOS Sonoma versions prior to 14.6, macOS Ventura versions prior to 13.6.8, macOS Monterey versions prior to 12.7.6, watchOS versions prior to 10.6, tvOS versions prior to 17.6, visionOS versions prior to 1.3, and Safari versions prior to 17.6.

The government agency says it has discovered “multiple vulnerabilities” in Apple products. These vulnerabilities could potentially allow an attacker to “access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS), and conduct spoofing attacks on a targeted system.” Essentially, CERT-In has discovered several security issues in Apple products. These issues could allow attackers to steal sensitive information, execute malware, bypass security measures, disrupt services, and deceive users with false information on affected devices.

The security agency recommends immediately updating iPhones, MacBooks, Apple Watches, and the Safari browser if your device is running the software versions listed above.

How to protect yourself from such threats

While keeping your software up to date is one way to keep your devices as safe as possible against these types of threats, there are a few other steps you can take to ensure the same.

Regularly check for software updates and enable automatic updates when available. This practice helps protect against newly discovered vulnerabilities. Also, avoid clicking suspicious links or downloading unverified apps, as these can be vectors for malicious attacks. Always download apps from the official App Store.

Use strong, unique passwords for your Apple ID and other accounts. Turn on two-factor authentication (2FA) for an extra layer of security. Regularly review and manage permissions granted to apps on your devices.

Be wary of unexpected requests for personal information or credentials. Phishing attempts can exploit these vulnerabilities, so verifying the source before providing any information is essential.

By following the steps below, you can increase the security of your device and minimize the risk of these vulnerabilities being exploited.