Are You An Apple User? You Might Need To Update Your Device Immediately—Here's Why
CERT-In Warning: The apex cybersecurity agency, CERT-In, has asked Apple users to update their devices immediately, warning that dangerous flaws could leave them open to hacking.
The central government has issued a security alert for Apple users over several vulnerabilities in devices. The latest cybersecurity advisory asks Apple users to update their iPhones, iPads and other gadgets immediately.
The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity warning due to critical security vulnerabilities detected in Apple products. The country’s apex cyber surveillance agency, functioning under the Ministry of Electronics and IT, has asked users to immediately update their iPhones, iPads and MacBooks to remain safe.
CERT-In advisory for Apple users
The advisory, which has been indexed as CIVN-2025-0163, identifies flaws in multiple Apple operating systems. According to the agency, the vulnerabilities affect individual and organisational users of iOS, iPadOS, macOS, watchOS, tvOS and visionOS.
Devices with lower versions, including iOS below 18.6, iPadOS below 17.7.9 or 18.6, macOS Sequoia below 15.6, macOS Sonoma below 14.7.7, macOS Ventura below 13.7.7, watchOS below 11.6, tvOS below 18.6 and visionOS below 2.6 are vulnerable.
CERT-In said in its notice, “Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, gain elevated privileges, or cause denial‑of‑service (DoS) conditions on affected systems.”
CERT-In said in its notice, “Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, gain elevated privileges, or cause denial‑of‑service (DoS) conditions on affected systems.”
Why is your Apple device vulnerable?
The flaws have been identified due to a variety of coding errors such as type confusion, use‑after‑free bugs, out‑of‑bounds memory read/write, integer overflows, buffer overflows, race conditions, logic bugs, inadequate input validation, incorrect file parsing, buggy memory handling, and poor privilege management. In most instances, an attacker might exploit these bugs by sending specially crafted requests to a victim system.
If successfully exploited, an attacker can gain access to confidential information, run arbitrary code, circumvent security checks, escalate privileges, or even make devices useless with Denial of Service attacks.
To prevent such threats, CERT-In recommends, “Apply appropriate fixes as mentioned in Apple Security Updates.” Patches to address the discovered vulnerabilities have already been released by Apple, and they are available through official support for all the targeted platforms.
Users must also follow normal cyber hygiene. They must not install questionable apps, should not click on suspicious links, keep devices under surveillance for any suspicious activity and keep all systems up to date. With increasing instances of cyberattacks on mobile and desktop platforms as well, CERT-In's advisory highlights the need for forward thinking in the online environment.
