The national nodal agency Warns Apple Users Of Risk
The national nodal agency that oversees cybersecurity-related issues, CERT-In, has issued medium to high-severity warnings regarding vulnerabilities found on Mac PCs, Watches, and Apple TVs.
If these vulnerabilities are exploited, attackers could gain access to sensitive information. CERT-In advises users to update their software versions immediately.
On Macs, the vulnerabilities are found in Apple’s Safari web browser due to “improper state management” in the WebKit component.
If a user is persuaded to a specially crafted web page, sensitive information could be extracted. To fix this issue, users need to upgrade to Safari version 16.4.
Additionally, multiple vulnerabilities exist in MacOS versions prior to 13.3, 11.7.5, and 12.6.4. Attackers can exploit these vulnerabilities to manipulate various applications to extract sensitive data.
To ensure security, users are advised to upgrade to the latest MacOS version.
The same goes for Apple Watches and Apple TVs. Vulnerabilities exist due to flaws in “AppleMobileFileIntegrity, Identity Services, Podcasts, TCC, Find My, Shortcuts, and WebKit.”
Attackers could bypass privacy preferences, execute arbitrary code with kernel privileges, and gain access to sensitive information. Upgrading to newer Apple tvOS and watchOS versions will fix these issues.
Although there isn’t a warning for iPhone and iPad users, it is best to update the operating system versions to iOS 16.4 and iPadOS 16.4.
It is important to note that Apple is aware of these problems and has addressed them in the latest software versions.