Edition
IN
TOI logo

TOI

Today's ePaper
Trending

Government warns Apple users of critical vulnerabilities: Here’s what to do

TOI Tech Desk / TIMESOFINDIA.COM / Nov 25, 2024, 08:20 IST
Share
AA
Text Size
  • Small
  • Medium
  • Large
Follow us
CERT-In has issued a high severity warning for Apple users, highlighting vulnerabilities in iPhones, iPads, Macs, and Safari. These vulnerabilities could allow attackers to execute code or perform cross-site scripting attacks. Users are urged to update their devices to the latest software versions to mitigate these risks.
Government warns Apple users of critical vulnerabilities: Here’s what to do
Apple users, the Computer Emergency Response Team (CERT-In) has issued an advisory highlighting multiple vulnerabilities in Apple products. The impacted devices include iPhones, iPads, Macs and the browser Safari. The advisory, dated November 21, 2024 comes with high severity rating and advises Apple users to apply appropriate security updates. Here’s all that you need to know about the CERT-In advisory

Versions impacted


As per the cyber security body, following Apple versions are affected:
  • Apple iOS and iPadOS versions prior to 18.1.1
  • Apple iOS and iPadOS versions prior to 17.7.2
  • Apple macOS Sequoia versions prior to 15.1.1
  • Apple visionOS versions prior to 2.1.1
  • Apple Safari versions prior to 18.1.1

What the govt advisory says


“Two vulnerabilities were reported in Apple products – Execution Vulnerability (CVE-2024-44308) and Cross-Site Scripting Vulnerability (CVE-2024-44309), which could be exploited by an attacker to execute arbitrary code or perform XSS attacks on the affected device,” the advisory reads. Target audience include individuals and organizational users of Intel-based Mac systems, including macOS, iOS, and iPadOS devices.

CERT-In says that the Execution vulnerability exists in JavaScriptCore, which is used by Apple's Safari browser and other applications to process JavaScript. An attacker could exploit this issue to execute arbitrary code execution by sending maliciously crafted web content to the affected device.
Also read:Elon Musk shares Aston Martin's 'fake ad' with Playboy cover photo that went viral: This meme ad was ...
While the Cross-Site Scripting vulnerability exists in WebKit, the engine that powers Safari and web content on Apple devices. “An attacker could exploit this issue by sending maliciously crafted web content to trigger cross-site scripting (XSS) on the affected device. These vulnerabilities may have been actively exploited on Intel-based Mac systems. Users are strongly advised to update their devices to the latest software versions to mitigate the risk,” the advisory says.
Successful exploitation can lead to ‘high risk of unauthorized access, data theft, or gain control of affected systems’ by the cyber criminals. It can also result in unauthorized access to sensitive user information, denial of service and data manipulation.

What should users do


The CERT-In says that Apple users must apply appropriate security updates as mentioned in the Apple Security Updates. iPhone and iPad users should update to the latest software versions – iOS 18.1.1 or iOS 17.7.2, while Mac users should install macOS Sequoia 15.1.1 on their device. Apple visionOS users should update to version 2.1.1 and Safari users should upgrade to version 18.1.1.
author
About the Author
TOI Tech Desk

The TOI Tech Desk is a dedicated team of journalists committed to delivering the latest and most relevant news from the world of technology to readers of The Times of India. TOI Tech Desk’s news coverage spans a wide spectrum across gadget launches, gadget reviews, trends, in-depth analysis, exclusive reports and breaking stories that impact technology and the digital universe. Be it how-tos or the latest happenings in AI, cybersecurity, personal gadgets, platforms like WhatsApp, Instagram, Facebook and more; TOI Tech Desk brings the news with accuracy and authenticity.

End of Article

Latest Mobiles

View All
FOLLOW US ON SOCIAL MEDIA

Photostories

Hot Picks

TOP TRENDING

Trending Stories

In Section
Entire Website
Explore Every Corner
Across The Globe
IPL Sold Players of all teamsWWE Survivor Series Match ResultsShinsuke NakamuraIND vs AUS Warm Up MatchCBSE Date Sheet
Mike McCarthyIPL 2025 Teams Support StaffMost uncapped playersNBA Full Game ScheduleCSK Full Squad
MI Squad Projected 11RCB Squad Projected 11WWE Survivor Series Winners ListIPL Most Expensive PlayerCKS Squad Projected 11
IPL Teams SquadsCyclone FengalIPL All Teams SquadIPL Auction Unsold Player ListPBKS IPL Team Player List
IPL AuctionIndian Student Killedin ChicagoScientifically Proven WaysJoe RootWorld Chess Championship
Matt EberflusTrey JemisonDonald TrumpPatrick MahomesBank Holidays In December
logo
About usCreate Your Own AdTerms of Use and Grievance Redressal Policy Privacy policyAdvertise with usRSSNewsletterFeedbackePaperSitemapArchives

Other Times Group News Sites

The Economic TimesHindi Economic TimesNavbharat TimesMaharashtra TimesVijaya KarnatakaTelugu SamayamTamil SamayamMalayalam SamayamI am GujaratTimesPointsIndiatimesBrand CapitalEducation TimesTimes FoodMumbai MirrorBangalore MirrorHindi Podcast

Popular Categories

HeadlinesSports NewsBusiness NewsIndia NewsWorld NewsBollywood NewsHealth+ TipsIndian TV ShowsCelebrity PhotosTechnology News

Hot on the Web

Justin BieberMalaika AroraSobhita DhulipalaShah Rukh KhanBigg Boss 18 Contestants ListViral NewsKusha KapilaAditya PancholiVitamin DSamantha Ruth Prabhu

Top Trends

Rob GronkowskiIPL 2025 Sold and Unsold Player ListJosh AllenSophie RainPaul HeymanDelhi Cricket TeamIPL Players TransferIPL 2025 Full Teams SquadMaharashtra New CMJosh Allen ExRCB Team SquadMatthew HaydenIPL All TeamsXi JinpingTaylor SwiftParth JindalDeion SandersLive Cricket Score

Trending Topics

Anupamaa Stars Education QualificationSamantha Ruth Prabhu Father DeathHema MaliniWeight GainAllu ArjunAmitabh Bachchan HomeDua LipaBigg Boss 18 PromoBigg Boss 18National ParkNagarjunaKangana RanautHair FallSkincare Tips for WinterWeight Loss TipsHair FalliPhone 15 ProPan 2.0Ufo Sighting Over Capitol Hill

Living and entertainment

ETimesTravel DestinationsCricbuzz.comTVLifestyleNewspaper SubscriptionFood NewsTimes PrimeWhats Hot

Services

CouponDuniaTechGigTimesJobsBollywood NewsTimes MobileGadgetsWork with UsColombia

Latest News

‘Virtually zero risk’: Rabies expert questions killing of pet squirrel PeanutHealth camps a tool for private hospitals to hike occupancy​UK man gets £2 compensation after he finds a ‘smooth’ Mars chocolate barLong queue at border checkpost as Bangladeshi nationals rush to go back homeBangladeshi patients cancel surgeries at Kolkata hospistals amid turmoilEmulate Yogi, bring in bulldozers: Uttarkashi mahapanchayat's message to CM Dhami'Willingness to lie to the US government': Vivek Ramaswamy criticises US immigration system, advocates reformAdopt 'SMART' policing: PM Modi to cops amid rising digital fraudsKavita Kaushik seemingly takes a dig at Salman Khan and defends Vivek Oberoi: 'Country charmed with roasting, dadagiri...'On Soren prod, Jharkhand official in talks with West Bengal to resolve potato crisisVarun Dhawan, Janhvi Kapoor, Rohit Saraf, and Sanya Malhotra give a quirky twist to ‘Nain Matakka’ from ‘Baby John’ - WATCHBJP not scared of Vijay's political entry: Tamil Nadu state chief AnnamalaiNMC advisory for students eyeing private medical colleges abroadSC stalls razing of illegal structure in MumbaiWhen Kareena Kapoor spoke about getting paid less than husband Saif Ali Khan and the three Khans: 'If this is not worthy enough...'Indians stranded at Kuwait airport after snag leads to flight diversionPrayagraj set to welcome 40 crore for Maha Kumbh '25Bigg Boss 18: What made Shilpa Shirodkar say 'I am happy to come out, mukhya dwaar khol do' when Salman Khan teased her
Copyright © 2024 Bennett, Coleman & Co. Ltd. All rights reserved. For reprint rights: Times Syndication Service