If you’re using an iPhone, iPad, MacBook, Apple TV, or even the Apple Vision Pro, you need to act quickly. The Indian Computer Emergency Response Team (CERT-In), which operates under the Ministry of Electronics and Information Technology, has released a high-severity security warning for Apple device users.
According to CERT-In, researchers have identified multiple critical security vulnerabilities in Apple software that could expose devices to cyberattacks, including data theft and remote control.
Indian Computer Emergency Response Team (CERT-In) published the alert under vulnerability note CIVN-2025-0071, outlining the various threats and urging users to take immediate action. The advisory states:
"The discovered vulnerabilities could allow attackers to access sensitive information, execute arbitrary code, bypass security protections, gain elevated privileges, manipulate data, or even perform spoofing and denial-of-service (DoS) attacks."
These vulnerabilities span across a wide range of Apple platforms, affecting both individuals and organisations.
The advisory is targeted at all Apple users, but especially those running outdated versions of iOS, iPadOS, macOS, Safari, tvOS, visionOS, and Xcode. Delaying updates can significantly raise the risk of cyberattacks.
iPhones and iPads
MacBooks and iMacs
Apple TV
Apple Vision Pro
iOS: Versions prior to 18.4, 17.7.6, 16.7.11, and 15.8.4
iPadOS: Versions prior to 18.4, 17.7.6, 16.7.11, and 15.8.4
macOS: Sequoia versions prior to 15.4, Sonoma prior to 14.7.5, and Ventura prior to 13.7.5
tvOS: Versions prior to 18.4
visionOS: Versions prior to 2.4
Safari Browser: Versions prior to 18.4
Xcode: Versions prior to 16.3
CERT-In has categorized the vulnerabilities as high severity, highlighting the following technical flaws:
Type Confusion Errors: Where the system misinterprets data types.
Use-After-Free Flaws: Exploited after memory is freed.
Out-of-Bounds Access: Unauthorized memory manipulation.
Improper Input Validation: Failure to validate user input properly.
Buffer Overflows: Excessive data that crashes or compromises systems.
Path Handling Vulnerabilities: Weaknesses in file location processing.
"These vulnerabilities can be exploited remotely or locally, and delaying updates makes users especially vulnerable," CERT-In warns.
CERT-In has strongly recommended users apply the latest security patches released by Apple. These updates fix the identified flaws and help safeguard against known exploits.
"To protect your Apple devices from getting hacked, CERT-In strongly recommends that all Apple users apply the latest security updates as released by Apple."
Go to Settings > General > Software Update
Open System Settings > General > Software Update
Navigate to Settings > System Update
Apple suggests enabling automatic updates to ensure timely patching for future threats.
The latest high-risk security alert issued by CERT-In for Apple users is a timely reminder of the growing threats in today’s digital world. With vulnerabilities detected across a wide range of Apple devices — from iPhones and iPads to MacBooks and even Apple Vision Pro — users must act swiftly to safeguard their data and privacy.
These flaws, if exploited, could allow cybercriminals to gain unauthorized access, execute malicious code, and even take full control of affected devices. Fortunately, Apple has already released critical security updates to fix the issues, and CERT-In has provided clear instructions for users to update their systems. Whether you are an individual or an enterprise user, applying these updates without delay is essential.
Cyberattacks can often go undetected until significant damage is done — prevention is the best defense. By staying updated and enabling automatic updates, Apple users can ensure stronger protection against potential exploits and security breaches.
Stay safe, stay updated.