The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity advisory for Apple users, highlighting critical vulnerabilities that could compromise devices. The affected systems include iPhones, iPads, Macs, and Safari, with attackers potentially exploiting these flaws to execute arbitrary code or conduct cross-site scripting (XSS) attacks. Users are strongly advised to update their devices to the latest software versions to mitigate these risks.
The advisory identifies two primary vulnerabilities: an arbitrary code execution flaw in JavaScriptCore, which processes JavaScript in Safari and other apps, and an XSS vulnerability in WebKit, the engine powering Safari. Exploiting these vulnerabilities could enable unauthorized access, data theft, denial of service, and manipulation of user information.
Impacted versions are iOS and iPadOS prior to 18.1.1 and 17.7.2, macOS Sequoia earlier than 15.1.1, visionOS prior to 2.1.1, and Safari before 18.1.1. Users must immediately update to iOS 18.1.1 or 17.7.2 for iPhones and iPads, macOS Sequoia 15.1.1 for Macs, visionOS 2.1.1, and Safari 18.1.1. CERT-In warns that successful exploitation could lead to unauthorized access, data theft, and system control, posing significant risks. Prompt action is crucial to protect devices and secure sensitive information.