Indian government issues 'critical' warning for iPhone, iPad and Mac users: How to check and fix the issue

The Indian Computer Emergency Response Team (CERT-In) has issued a ‘critical’ advisory for users of Apple devices, warning about multiple vulnerabilities affecting iPhones, iPads and Mac systems. The alert, published on March 19, 2026, highlights security flaws that could be exploited by attackers to gain access to targeted devices and execute malicious code.

The advisory is listed under vulnerability note CIVN-2026-0150 and applies to both individual users and organisations using Apple products.

Devices and software affected

According to CERT-In, the vulnerabilities impact several versions of Apple operating systems. Affected systems include macOS versions earlier than 13.5, 14.2 and 14.3. iOS and iPadOS versions before 15.8.7, 16.7.5, 16.7.15 and 17.3 are also included in the advisory.

The issue also extends to Safari versions bundled with these operating systems. Devices that have not been updated to the latest software releases are more likely to be exposed to these risks.

Risk and impact

CERT-In has categorised the vulnerabilities as ‘critical’, indicating a high level of risk. The agency states that these flaws could allow attackers to execute arbitrary code on a targeted device. The vulnerabilities are linked to issues such as use-after-free in kernel components and type confusion in WebKit.

If exploited, attackers may gain unauthorised access to systems, access sensitive information and manipulate data. The advisory also warns of possible service disruption and memory corruption, which could impact normal device functioning.

What users should do

CERT-In has advised users to install the latest security updates released by Apple to address these vulnerabilities. Applying updates is necessary to patch the identified flaws and reduce the risk of exploitation.

Users can check for updates through device settings and install the latest versions of iOS, iPadOS and macOS. Updating Safari and other system components is also recommended as part of the security process.