Every once in a while, the Indian Computer Emergency Response Team (CERT-IN), which falls under the Ministry of Electronics and Information Technology of the Government of India, warns users about vulnerabilities found in various lines of products. iPhone users must update their devices as soon as possible. (Bloomberg)

In its latest warning, CERT-IN is alerting Apple users to multiple high-severity vulnerabilities found in Apple products. These affect various software versions across a range of Apple devices, including the iPhone, iPad, and Mac.

These users are affected

The warning concerns affects users running iOS versions prior to 18.6, iPadOS versions prior to 17.9.9 and 18.6, macOS Sequoia versions prior to 15.6, macOS Sonoma versions prior to 14.7.7, macOS Ventura versions prior to 13.7.7, watchOS versions prior to 11.6, tvOS versions prior to 18.6, and visionOS versions prior to 2.6.

What are the risks and what you need to do

If you do not update to the latest versions, there are several risks. CERT-IN states that multiple vulnerabilities have been detected in Apple products, which exist due to type confusion, use-after-free errors, out-of-bounds memory access, integer overflows, buffer overflows, race conditions, and more.

Ultimately what could end up happening is: an attacker could take advantage of these vulnerabilities and target you if you are running these older software versions. By sending specially crafted requests to a user's device, a successful hacker might be able to access your sensitive data, execute arbitrary code, bypass security restrictions, and even cause denial-of-service conditions on the affected devices.

Simply put, it is not going to be a good situation to be in, you might have to face data loss and theft, which is going to cost a lot of trouble. Therefore, it is in your best interest to update to the latest available Apple software that addresses these vulnerabilities. Doing so will protect you from the risks mentioned above. It is also worth noting that Apple typically discloses vulnerabilities only after fixes have been released.

