CERT-In has issued a high-severity advisory alerting Apple device users to multiple vulnerabilities that could enable attackers to execute arbitrary code or carry out cross-site scripting (XSS) attacks. The advisory impacts various Apple products, including iPhones, iPads, and Macs, and recommends users update their devices to the latest software versions.
CERT-In has classified these vulnerabilities as “High Risk,” indicating that they could potentially enable attackers to gain unauthorized access to sensitive user data, disrupt device functionality, or even manipulate data.
ALSO SEE: With A $348 Billion Fortune, Elon Musk Now The Wealthiest Individual In History
According to CERT-In, two vulnerabilities have been identified in Apple devices: Arbitrary Code Execution (CVE-2024-44308), that affects JavaScriptCore, used by Safari and other applications to process JavaScript. This flaw can be exploited by attackers sending malicious web content, enabling them to execute arbitrary code on affected devices.
Apple’s got some exciting #iOS19 features planned, but won’t arrive on time.
Several key features, including a major Siri upgrade, are being pushed back to the iOS 19.4 update, scheduled for release in spring 2026.
This could mean a more polished and feature-rich experience. pic.twitter.com/iqwFteIIea
— Rebruit (@onrebruit) November 25, 2024
The second vulnerability, Cross-Site Scripting (CVE-2024-44309), affects WebKit, the engine powering Safari and other web content. This vulnerability can be exploited through malicious web content, potentially leading to cross-site scripting attacks. CERT-In has noted the possibility of active exploitation, particularly on Intel-based Mac systems.
🚨 Breaking: Apple postpones several iOS 19 features to iOS 19.4 releasing in spring 2026
Apple has delayed a significant number of iOS 19 features to the subsequent iOS 19.4 update, expected in spring 2026. pic.twitter.com/ETaZZbjei0
— Jason Castellano (@_ImJasonC) November 25, 2024
The affected devices include iOS and iPadOS versions prior to 18.1.1 and 17.7.2, macOS Sequoia versions before 15.1.1, visionOS versions before 2.1.1, and Safari versions before 18.1.1. Users with Intel-based Macs, iPhones, and iPads are particularly at high risk. CERT-In urges affected users to update their devices to the latest software versions to mitigate these security risks.
CERT-In advises users to update their Apple devices to the latest software versions to mitigate security risks. For optimal protection, iPhone and iPad users should install iOS 18.1.1 or iOS 17.7.2, Mac users should update to macOS Sequoia 15.1.1, visionOS users should upgrade to version 2.1.1, and Safari users should ensure they are using version 18.1.1. Promptly applying these updates is crucial for securing devices against potential unauthorized access, data theft, and system compromise.
ALSO SEE: ‘What A Joke’ Netizens React To AI Jesus Who Listens To Confessions In 100 Languages
