As Apple’s user base in India continues to expand at a rapid pace, so do the digital threats that come with it. Recently, the Indian government issued a cybersecurity alert warning that many iPhones and iPads might be exposed to serious security vulnerabilities, potentially putting millions of users in jeopardy.
On May 12, the Indian Computer Emergency Response Team (CERT-In), which operates under the Ministry of Electronics and Information Technology, released this alert. The warning points out several vulnerabilities in iOS and iPadOS versions before iOS 18.3 and iPadOS 17.7.3 or 18.3, depending on the specific device model. The affected devices include the iPhone XS and newer models, as well as various iPads starting from the 6th generation.
CERT-In has identified one of the most significant flaws as being associated with Apple’s Darwin notification system. This internal mechanism is responsible for managing how apps and services communicate on the device. The flaw allows even apps without special permissions to send system-level notifications, which could lead to the device crashing or becoming unresponsive.
What heightens the urgency of this situation is that CERT-In has confirmed that some of these vulnerabilities are already being exploited in real-world scenarios. Attackers could gain access to sensitive personal or financial information, bypass built-in security measures, or even crash the device remotely, creating serious risks for users.
In response, Apple has acted swiftly by rolling out patches through new iOS and iPadOS updates. Users are strongly encouraged to update their devices right away to safeguard against potential attacks.
CERT-In also advises users to steer clear of unverified apps and to remain vigilant for any unusual behaviour from their devices. Regular software updates are still the best defence against these threats.