Indian govt issues warning for MacBook, iPhone, iPad users: check if your device is vulnerable

A remote attacker may leverage these flaws to run arbitrary codes, bypass security protocols, and disrupt the operation of targeted systems. According to reports, attackers could use these flaws by luring a victim to access maliciously created web content to skirt security checks and execute arbitrary code.

CERT-In suggests to cope with these vulnerabilities, update your Apple devices to the latest available security patches for Apple software. Therefore, updating the newest OS version available for these devices – macOS 12.5, iOS 15.6, and iPadOS 15.6 – will fix these issues.

Apple MacOS, iOS, iPadOS security threats

According to the post, the vulnerabilities in macOS are out-of-bounds read in AppleScript, SMB and Kernel, and out-of-bounds write in Audio, ICU, PS Normalizer, GU Drivers, SMB, and WebKit. Further, the post discloses data breaches in the Calendar and iCloud Photo Library and authorisation concerns in Apple Mobile File Integrity. Other known vulnerabilities listed in the post are memory corruption in the Intel Graphics Driver, GPU Drivers, SMB, PluginKit, Windows Server, Automation, and the File System Events.

Moving to iOS and iPadOS, high-risk vulnerabilities in iPhones and iPads can be caused by out-of-bounds writing in WebKit, ICU, Audio, GPU Drivers, and a buffer overflow in AppleAVD. Further, Authorisation issues in the Apple Mobile File Integrity and logic issues in File System Events, Home, ImageIO, Kernel and PluginKit.