Indian Computer Emergency Response Team (CERT-IN) recently issued a warning for some versions of macOS, the operating system that powers Apple Mac laptops and desktops.
The government body has marked the security risk as ‘high severity’ and has mentioned that multiple vulnerabilities have been found in macOS operating systems that may make Mac users an easy target for hackers.
For those unintended, CERT-IN is a nodal agency under the Ministry of Electronics and Information Technology. The government body is responsible for highlighting bugs and cybersecurity threats like phishing and hacking.
What the government has said
CERT-IN has noted that “these vulnerabilities exist in Apple macOS due to out-of-bounds read in AppleScript, SMB and Kernel; out of bounds write in Audio, ICU, PS Normalizer, GPU Drivers, SMB and Webkit; authorization issue in AppleMobileFileIntegrity: information disclosure in Calendar and iCloud Photo Library: logic issue in File System Events, Pluginkit, Windows Server and Automation; memory corruption in Intel Graphics Driver, GPU Drivers, SMB and WebRTC; type confusion in multi-touch; memory initialization in libxml2.”
The post further adds that “A remote attacker could exploit these vulnerabilities by persuading a victim to visit a maliciously crafted web content.”
The government body has marked the security risk as ‘high severity’ and has mentioned that multiple vulnerabilities have been found in macOS operating systems that may make Mac users an easy target for hackers.
For those unintended, CERT-IN is a nodal agency under the Ministry of Electronics and Information Technology. The government body is responsible for highlighting bugs and cybersecurity threats like phishing and hacking.
What the government has said
CERT-IN has noted that “these vulnerabilities exist in Apple macOS due to out-of-bounds read in AppleScript, SMB and Kernel; out of bounds write in Audio, ICU, PS Normalizer, GPU Drivers, SMB and Webkit; authorization issue in AppleMobileFileIntegrity: information disclosure in Calendar and iCloud Photo Library: logic issue in File System Events, Pluginkit, Windows Server and Automation; memory corruption in Intel Graphics Driver, GPU Drivers, SMB and WebRTC; type confusion in multi-touch; memory initialization in libxml2.”
The post further adds that “A remote attacker could exploit these vulnerabilities by persuading a victim to visit a maliciously crafted web content.”
Who all are affected
According to the official post, Mac devices running macOS Catalina prior to security update 2022-005, Apple macOS Big Sur versions prior to 11.6.8 and Apple macOS Monterey versions prior to 12.5 are affected by the current vulnerabilities.
What users can do
The government has advised users to install the latest macOS updates that contain the fix for the vulnerabilities.