CERT-In Urges Apple Users to Install Critical Security Updates Immediately
CERT-In urges Apple users to install iOS 18.6, iPadOS 18.6, and macOS 15.6 immediately to patch critical vulnerabilities and prevent active threats.
CERT-In issues high-risk alert as Apple releases critical security updates for iPhones, iPads, and Macs to fix actively exploited vulnerabilities.
India’s cybersecurity agency, CERT-In, has issued a high-severity advisory urging all Apple users to immediately install the latest security updates — iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6. These updates address multiple serious vulnerabilities affecting iPhones, iPads, and Mac devices.
🔐 What Are the Risks?
The patches fix several high-risk flaws, including:
- A VoiceOver vulnerability that could inadvertently reveal a user’s passcode.
- Multiple WebKit and Safari security flaws that could allow malicious websites to spoof URLs, corrupt memory, or execute arbitrary code remotely.
- Issues in CoreAudio, CoreMedia, and CFNetwork, which could be exploited to leak sensitive data or escalate user privileges.
- Security experts warn that some of these vulnerabilities have already been actively exploited in the wild.
📲 Devices at Risk
The advisory applies to a wide range of Apple products. Affected devices include:
- iPhones not yet updated to iOS 18.6
- iPads running software earlier than iPadOS 18.6 (or 17.7.9 for legacy models)
- Macs on versions earlier than macOS Sequoia 15.6, Sonoma 14.7.7, or Ventura 13.7.7
- Older devices like Apple Watch, Apple TV, and Apple Vision Pro using outdated software
🛠️ How to Update
Users should promptly update their devices using the following steps:
- iPhone or iPad: Go to Settings > General > Software Update
- Mac: Open System Settings > General > Software Update
- It is strongly recommended to back up your device before proceeding with any software update.
⚠️ Why It’s Urgent
While Apple has stated that these flaws are not yet widespread, attackers often analyze released patches to target unpatched systems. Components like WebKit are popular attack vectors that can be exploited remotely. Leaving devices unpatched could expose users to data theft, spyware, or malware.
✅ Bottom Line
If you use an Apple device, update it immediately. CERT-In’s warning highlights the importance of timely software updates in keeping your data and devices secure.
