- CERT-In detects multiple vulnerabilities in Apple’s macOS, iOS, and iPadOS that can be used to bypass security restrictions.
- Authorization issues in the iCloud Photo Library and Calendar have also been found.
- Recently, Apple has released the latest security updates to cope with these vulnerabilities.
The Indian Computer Emergency Response Team, CERT-In, reported multiple vulnerabilities in
Apple macOS. According to CERT-In, remote attackers could exploit these vulnerabilities to execute arbitrarily, meaning the attacker can run any commands or code, deny service, and bypass security restrictions.
The vulnerabilities have been found in macOS Big Sur versions before 11.6.8, macOS Catalina before 20022-005, and macOS Monterey versions before 12.5.
As per CERT-In, remote attackers can exploit these vulnerabilities by leading the victim to visit compromised or maliciously crafted web content to executing arbitrary code and bypass security restrictions.
Why do these vulnerabilities exist?
According to CERT-In, these vulnerabilities exist due to out-of-bounds read in AppleScript, affecting the unknown part of the AppleScript component. Besides this, SMB and Kernel - space for sharing files over the network, GU Drivers, and SMB and WebKit.
Authorization issues and information disclosure in the iCloud Photo Library and Calendar have also been found.
Transform talent with learning that worksCapability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More Vulnerabilities in iPadOS and iOS
Different vulnerabilities in iPadOS and Apple’s iOS have been found in versions before 15.6. Similar to macOS, these vulnerabilities can be exploited by a remote attacker to bypass security restrictions and cause a denial of service. To exploit the user, an attacker will take the user to maliciously crafted web content.
The vulnerabilities and security threats are very much similar to macOS, as authorization issues have been found in the Home, ImageIO and Kernel and PluginKit. Besides this, issues in GPU drivers, memory corruption, information, and disclosure in iCloud Photo Library have also been found.
What can you do?
To cope with these vulnerabilities and issues, Apple has released the latest
security updates for iOS and iPadOS following the latest version of macOS 12.5, the latest version of tvOS 15.6, and watchOS 8.7.
Remember, once updated to these latest security updates, you cannot be downgraded to the previous version.
SEE ALSO:
Commonwealth Games 2022: India has won 3 gold medals so far, check out all the details here.
Nirmala Sitharaman says India's fundamentals are perfect; no recession, stagflation risk
Next Story
I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
Colon cancer rates are rising in young people. If you have two symptoms you should get a colonoscopy, a GI oncologist says.
Saudi Arabia wants China to help fund its struggling $500 billion Neom megaproject. Investors may not be too excited.
Catan adds climate change to the latest edition of the world-famous board game
Tired of blatant misinformation in the media? This video game can help you and your family fight fake news!
Tired of blatant misinformation in the media? This video game can help you and your family fight fake news!
JNK India IPO allotment – How to check allotment, GMP, listing date and more
Indian Army unveils selfie point at Hombotingla Pass ahead of 25th anniversary of Kargil Vijay Diwas
