LIVE TV
  • News /
  • Tech News /
  • CERT-In warns Indian users of severe security threats in several macOS versions

Updated 3 August 2022 at 16:02 IST

CERT-In warns Indian users of severe security threats in several macOS versions

Recently, CERT-in released a vulnerability report for several versions of macOS. The report mentions that several macOS versions are affected. Details here.

Shikhar Mehrotra
Follow :  
×

Share

IMAGE: UNSPLASH | Image: self

The Indian Computer Emergency Response Team has warned Mac users to upgrade to the latest version of macOS available for their devices as it has found several vulnerabilities within the operating system. Previously, the organisation found similar issues within the Apple Watch.

These macOS versions are vulnerable 

Recently, CERT-in released a vulnerability report for several versions of macOS. The report mentions that macOS Cataline prior to security update 2022-005, macOS Big Sur prior to 11.6.8 and macOS Monterey prior to 12.5 have severe vulnerability issues. These can be "exploited by a remote attacker to execute arbitrary code, bypass security restrictions and cause denial of service conditions on the targetted systems."

As per the report, these issues have been caused by "out-of-bounds read in AppleScript, SMB and Kernel, out-of-bounds write in Audio, ICU, PS Normalizer, GPU Drivers, SMB and WebKit" and other factors. As a solution, users should update to the latest macOS version available for their devices. Causing a delay in updating their Mac could result in exploitation of data, putting users' privacy at risk. 

Apple Watch running on older UI could be at risk

As per the official website of the Indian Computer Emergency Response Team, Apple Watch running on watchOS versions prior to 8.7 has multiple vulnerabilities that compromise the overall security of the device. These vulnerabilities could allow attackers or bad actors to execute arbitrary code and bypass the security restrictions to gain access of data and other resources on the Apple Watch.

The post further explains that there are multiple vulnerabilities in the Apple Watch, including buffer overflow in the AppleAVD component, authorisation issue in the AppleMobileFileIntegrity component, out-of-bounds write in Audio and more. Moreover, these security flaws could allow bad actors to gain access to the device and other personal information that is stored on the device. To specify, these problems existed in watchOS 8.6.

Published By : Shikhar Mehrotra

Published On: 3 August 2022 at 16:02 IST

IPL