iPhones, Mac and Apple Watch users at risk of DoS attacks, security bypassing: CERT-In- The Week

Apple fans are scrambling to get their hands on the new iPhone 16 models and Apple Watch Series 10. However, if you are using Apple devices with earlier versions of iOS, iPadOS, macOS, watchOS, tvOS and visionOS, you could be at high risk.

The Indian Computer Emergency Response Team (CERT-In) recently issued an advisory, warning of high risk.

Which Apple OS versions are at high risk?

• iOS: Versions prior to 18 and 17.7
• iPadOS: Versions prior to 18 and 17.7
• macOS Sonoma: Versions prior to 14.7
• macOS Ventura: Versions prior to 13.7
• macOS Sequoia: Versions prior to 15
• tvOS: Versions prior to 18
• watchOS: Versions prior to 11
• Safari: Versions prior to 18
• Xcode: Versions prior to 16
• visionOS: Versions prior to 2

What are the risks?

• Gain unauthorised access to sensitive information
• Execute arbitrary code on the device
• Bypass critical security restrictions
• Cause denial-of-service (DoS) conditions
• Elevate privileges to gain control over the system
• Perform spoofing attacks
• Engage in cross-site scripting (XSS) attacks

How to avoid security risks?

• Update to the latest security patches
• Do not connect to unsecured or public Wi-Fi networks
• Implement two-factor authentication to add an extra layer of security
• Download apps only from App Store
• Back up important data regularly

In March 2024, CERT-In warned of a vulnerability that allows attackers to execute arbitrary code remotely. The warnings were issued for iOS prior to 16.7.7 and 17.4.1 and iPadOS prior to 16.7.7 and 17.4.1, Safari versions prior to 17.4.1, macOS Ventura prior to 13.6.6, macOS Sonoma prior ot 14.4.1 and visionOS prior to 1.1.1.