In a serious security alert, the Indian government has warned iPhone and iPad users about multiple vulnerabilities in Apple’s iOS and iPadOS software.
These flaws, if exploited, could allow attackers to access sensitive data or even render devices completely unusable. The Indian Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics and Information Technology, has issued a high-severity warning to Apple device users.
According to the advisory, the vulnerabilities impact a wide range of devices, including both older and newer models. Affected devices include iPhones running iOS versions prior to 18.3 and iPads operating on iPadOS versions earlier than 17.7.3 or 18.3, depending on the model. This includes the iPhone XS and newer models, as well as iPads such as the iPad Pro (2nd generation and later), iPad 6th generation and above, iPad Air from the 3rd generation onwards, and iPad mini from the 5th generation upwards.
One of critical flaws lies in the Darwin notification system—a key part of Apple’s internal messaging framework. This vulnerability allows any application, even without special permissions, to send sensitive system-level notifications. If misused, this flaw could potentially crash the device, rendering it unresponsive until manually restored.
•Potential Consequences•
The impact of these vulnerabilities could be severe. Hackers may be able to steal confidential data, including personal and financial information, bypass built-in security mechanisms, and execute unauthorised code. Most alarmingly, in some cases, they could crash the device entirely, leaving it inoperable. CERT-In has also confirmed that some of these vulnerabilities are being actively exploited in real-world scenarios, making prompt action essential.
What Should Users Do?
In response, Apple has rolled out security updates to fix these flaws. All users are strongly advised to update their devices to the latest available version of iOS or iPadOS without delay. Additionally, users should avoid installing unverified applications and stay vigilant for any unusual device behaviour, which could indicate malicious activity.
As Apple’s presence grows in India, so does the responsibility of users to remain alert. Regular software updates and smart usage practices are essential in defending against today’s fast-evolving digital threats.(HT)
