CERT-In Alerts Apple Users of Critical Security Risk, Urges Updates

The Indian Computer Emergency Response Team (CERT-In) has raised a red flag for users of Apple iPhones, MacBooks, iPads, and Vision Pro headsets, citing a "high" severity vulnerability in their systems.

The agency has identified a critical "remote code execution vulnerability" that could potentially expose devices to exploitation by hackers, allowing them to gain remote access and execute arbitrary code on targeted systems.

The vulnerability affects iPhone and iPad customers whose devices are running iOS and iPadOS versions earlier than 17.4.1, according to CERT-In's advisory. This update is pertinent for users of newer Apple devices, including iPhones after the iPhone XS and iPads after the 2nd generation iPad Pro 12.9-inch.

Furthermore, older devices such as the iPhone 8, iPhone 8 Plus, iPhone X, and certain iPad models are also susceptible if they are running iOS and iPadOS versions earlier than 16.7.7.

The security flaw extends to Apple Safari versions preceding 17.4.1, which are available on macOS Monterey and macOS Ventura. MacBook users are also at risk if their systems run macOS Ventura versions prior to 13.6.6 or macOS Sonoma versions before 14.4.1. Additionally, Vision Pro headset users are urged to be cautious, as versions of visionOS prior to 1.1.1 are vulnerable to exploitation.

The vulnerability is attributed to an "out-of-bounds write issue in WebRTC and CoreMedia," as outlined on the CERT-In website. Essentially, this flaw could be exploited by tricking users into visiting specific links, enabling attackers to execute arbitrary code remotely. CERT-In underscores the severity, stating that successful exploitation of this vulnerability could lead to unauthorised access and manipulation of targeted systems.

To mitigate the risk posed by this security loophole, users are advised to take several precautionary measures. Keeping Apple iOS and iPadOS devices updated with the latest software versions is paramount, as it ensures access to vital security fixes. Users should promptly apply any security patches provided by Apple, particularly those addressing vulnerabilities highlighted by CERT-In.

Additionally, when connecting to networks, users should prioritise secure connections and refrain from accessing unsecured or public Wi-Fi networks to minimise the risk of unauthorised access.

Enabling two-factor authentication (2FA) adds an extra layer of security, mitigating the impact of potential credential compromises. Users are also urged to exercise caution when downloading apps or software, sticking exclusively to trusted sources like the Apple App Store to avoid potential threats. Regularly backing up important data is essential to safeguard against data loss resulting from security breaches or system failures.

Remaining informed about security alerts and advisories from reputable sources such as CERT-In or Apple enables users to take proactive measures against emerging threats and ensure the ongoing security of their devices. By adopting these best practices, Apple users can bolster their defences against potential security vulnerabilities and safeguard their personal information and sensitive data.
