Delhi Delhi. The Indian Computer Emergency Response Team (CERT-In), the cyber security arm of the Government of India, has issued an advisory warning Apple device owners in the country about two high-risk vulnerabilities that could lead to hacking of user data.
In its advisory, CERT-In said these vulnerabilities could be exploited by attackers to execute malicious code or conduct XSS attacks on targeted systems. For those unaware, XSS attacks stand for Cross Site Scripting attack. In such attacks, a hacker uses a web app to send malicious code that will execute only when the targeted user loads the website.
“Two vulnerabilities were reported in Apple products that could be exploited by an attacker to execute arbitrary code or conduct an XSS attack on an affected device,” CERT-In wrote in its advisory.
“There is potential for unauthorized access to sensitive user information, denial of service (DoS) and data manipulation,” the organization said. This means that hackers can also use these vulnerabilities to make the targeted system unavailable to the user and manipulate its data.
Apple Vulnerabilities: What are the vulnerabilities and how do they affect Apple devices?
The first issue – CVE-2024-44308 – exists in a system component called JavaScriptCore, which is used by Safari and other apps. This bug could be exploited by an attacker to execute arbitrary code or infected code on a targeted Apple device, leading to security issues and potential cyberattacks.
The second issue – CVE-2024-44309 – exists in a component called WebKit, which powers Safari and web content on Apple devices, according to CERT-In. This issue can be exploited by an attacker to trigger an XSS attack on a targeted device.
Apple vulnerabilities: Who is affected by these vulnerabilities?
According to details shared by India's cyber security agency, iPhones and iPads running OS versions earlier than 18.1.1, Macs running macOS Sequoia versions earlier than 15.1.1, and Macs running versions earlier than 2.1.1 Apple Vision Pro is affected by these vulnerabilities.
Apple vulnerabilities: How can Apple device owners protect themselves?
Apple device owners can protect themselves by downloading the latest versions of iOS, iPadOS or macOS on their devices. Here's a step-by-step guide for this:
How to Update iPhone or iPad
Step 1: Open the Settings app on your device.
Step 2: Tap on the General Settings option.
Step 3: Tap on Software Update option.
Step 4: Tap the Update Now button.
How to update your Mac
Step 1: Click the Apple menu.
Step 2: Click on System Settings.
Step 3: Click on General option.
Step 4: Finally, click on the Software Update option.
Comments are closed.