+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

CERT-In identifies high-severity threats in Apple’s macOS, iOS and iPadOS

Aug 3, 2022, 11:57 IST
Business Insider India
unsplash
  • CERT-In detects multiple vulnerabilities in Apple’s macOS, iOS, and iPadOS that can be used to bypass security restrictions.
  • Authorization issues in the iCloud Photo Library and Calendar have also been found.
  • Recently, Apple has released the latest security updates to cope with these vulnerabilities.
Advertisement
The Indian Computer Emergency Response Team, CERT-In, reported multiple vulnerabilities in Apple macOS. According to CERT-In, remote attackers could exploit these vulnerabilities to execute arbitrarily, meaning the attacker can run any commands or code, deny service, and bypass security restrictions.
The vulnerabilities have been found in macOS Big Sur versions before 11.6.8, macOS Catalina before 20022-005, and macOS Monterey versions before 12.5.
As per CERT-In, remote attackers can exploit these vulnerabilities by leading the victim to visit compromised or maliciously crafted web content to executing arbitrary code and bypass security restrictions.

Why do these vulnerabilities exist?


According to CERT-In, these vulnerabilities exist due to out-of-bounds read in AppleScript, affecting the unknown part of the AppleScript component. Besides this, SMB and Kernel - space for sharing files over the network, GU Drivers, and SMB and WebKit.
Authorization issues and information disclosure in the iCloud Photo Library and Calendar have also been found.

Vulnerabilities in iPadOS and iOS


Different vulnerabilities in iPadOS and Apple’s iOS have been found in versions before 15.6. Similar to macOS, these vulnerabilities can be exploited by a remote attacker to bypass security restrictions and cause a denial of service. To exploit the user, an attacker will take the user to maliciously crafted web content.
The vulnerabilities and security threats are very much similar to macOS, as authorization issues have been found in the Home, ImageIO and Kernel and PluginKit. Besides this, issues in GPU drivers, memory corruption, information, and disclosure in iCloud Photo Library have also been found.

What can you do?


Advertisement

To cope with these vulnerabilities and issues, Apple has released the latest security updates for iOS and iPadOS following the latest version of macOS 12.5, the latest version of tvOS 15.6, and watchOS 8.7.
Remember, once updated to these latest security updates, you cannot be downgraded to the previous version.

SEE ALSO:
Commonwealth Games 2022: India has won 3 gold medals so far, check out all the details here.
Nirmala Sitharaman says India's fundamentals are perfect; no recession, stagflation risk
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article