wagov · JadonWill · Oct 30, 2024 · Sep 26, 2024 · Sep 26, 2024 · Sep 26, 2024
diff --git a/docs/advisories/20241030001-Apple-Critical-Update.md b/docs/advisories/20241030001-Apple-Critical-Update.md
@@ -0,0 +1,26 @@
+# Apple Critical Update - 20241030001
+
+## Overview
+
+Apple has released updates for multiple products. The WA SOC has been made aware of some vulnerabilities being classified as critical.
+
+## What is vulnerable?
+
+| Product(s) Affected | Version(s)           | CVE                                                               | CVSS | Severity     |
+| ------------------- | -------------------- | ----------------------------------------------------------------- | ---- | ------------ |
+| iOS and iPadOS      | all versions < 18.1 | [CVE-2024-40867](https://nvd.nist.gov/vuln/detail/CVE-2024-40867) | 9.6  | **Critical** |
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- Apple October iOS and iPadOS 18.1 Release Notes: <https://support.apple.com/en-us/121563>
+- Apple Security Realses Overview: <https://support.apple.com/en-us/100100>
+
+## Additional References
+
+- SecurityOnline article: <https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution_2024-121>