The government body has flagged the security risk as ‘high severity’ and noted that several vulnerabilities have been found in the macOS operating system that could make Mac users an easy target for hackers.
For the unprivileged, CERT-IN is a nodal agency under the Ministry of Electronics and Information Technology. The government body is responsible for uncovering bugs and cyber security threats such as phishing and hacking.
what has the government said
CERT-IN notes that “These vulnerabilities exist in Apple macOS due to being read out of range in AppleScript, SMB, and Kernel; Write in audio out of range, ICU, PS Normalizer, GPU Drivers, SMB and Webkit; Authorization issue in AppleMobileFileIntegrity: Information disclosure in Calendar and iCloud Photo Library: Logic issue in File System Events, PluginKit, Windows Server and Automation; memory corruption in Intel graphics drivers, GPU drivers, SMB and WebRTC; Type Illusion in Multi-Touch; Memory initialization in libxml2.”
The post further states that “a remote attacker could exploit these vulnerabilities by persuading the victim to visit maliciously crafted web content.”
all who are affected
According to the official post, Mac devices running macOS Catalina prior to security update 2022-005, Apple macOS Big Sur versions prior to 11.6.8 and Apple macOS Monterey versions prior to 12.5 are affected by the current vulnerabilities.
what users can do
The government has advised users to install the latest macOS update which has fixed vulnerabilities.