Report Incident
× Home Cybertech Africa 2023 2 DPO Rw-CSIRT Website About Rw-CSIRT Alerts Advisories About NCSA Documentation News & Events Topics Contact us Opportunities Privacy Policy

Alert: Apple Security Updates – May 2024

Apple has released urgent security updates to address a critical vulnerability, CVE-2024-23296, affecting multiple Apple products, including iOS, iPadOS, macOS, among others. An attacker could exploit some of these vulnerabilities to take control of an affected device.
Security Risks
The identified vulnerabilities pose significant security risks, including potential code execution, privilege elevation, and unauthorized data access, which could compromise the integrity and confidentiality of user data and system functionality.
For the full list of security updates released by Apple, please refer to Apple security releases.
Recommended Actions
The National Cyber Security Authority (NCSA) recommends users and system administrators to:
1. Upgrade, as soon as possible, to the latest supported version of installed Apple software in order to continue receiving technical support and security patches.
The following software versions are released for upgrade but not limited to:
  • iOS 17.5 and iPadOS 17.5: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, iPad mini 5th generation and later.
  • iOS 16.7.8 and iPadOS 16.7.8: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
  • Safari 17.5: macOS Monterey and macOS Ventura.
  • macOS Sonoma 14.5: for all Mac running macOS Sonoma.
  • macOS Ventura 13.6.7: for all Mac running macOS Ventura.
2. Enable background updates or automatic updates
3. Before any update task, ensure you have backup for your data.
For further information and support, please contact the National Cyber Security Authority (NCSA) by emailto or call us on 9009.

14 May 2024

© 2024 National Cyber Security Authority