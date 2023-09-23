The Indian government has issued a high-severity warning to Apple users about a new security vulnerability that could allow attackers to take control of their devices. The vulnerability is in the WebKit browser engine, which is used by Safari and other browsers. It comes in Apple products such as the iPhone and watch.

Attackers could exploit the vulnerability by tricking users into visiting a malicious website or opening a malicious attachment. If successful, the attackers could gain access to the user's personal information and files, and they could even install malware on the user's device.

These vulnerabilities exist in Apple products as a result of issues with certificate validation in the Security component, the Kernel, and the WebKit component. An attacker could exploit these flaws by sending a cleverly constructed request. These weaknesses could grant an attacker higher access rights by circumventing security safeguards on the targeted system or executing arbitrary code.

According to the national nodal authority that manages cybersecurity-related problems across many releases, users who want to secure their personal data should immediately update their devices to the most recent watchOS, tvOS, and macOS versions. If Apple watches, TVs, iPhones, and MacBooks' software flaws are not resolved, attackers may be able to get access to the devices.

Apple has also supplied the necessary upgrades to fix this issue on the official website, cert-in.org.in.

The Indian Computer Emergency Response Team (CERT-In or ICERT) is managed by the Government of India's Ministry of Electronics and Information Technology. It is the central organisation in charge of dealing with threats to online safety such as scamming and hacking. It strengthens the security defences of the Indian Internet domain.

List of affected softwares

Apple macOS Monterey versions prior to 12.7

Apple macOS Ventura versions prior to 13.6

Apple watchOS versions prior to 9.6.3

Apple watchOS versions prior to 10.0.1

Apple iOS versions prior to 16.7 and iPadOS versions prior to 16.7

Apple iOS versions prior to 17.0.1 and iPadOS versions prior to 17.0.1

Apple Safari versions prior to 16.6.1

