Recently security updates have been issued to the users by Apple recommending all the users. These updates came after the resolution of two security flaws being used by hackers in ongoing cyberattacks specifically aimed at Mac users.
The security notice on the website of Apple mentioned that there are two vulnerabilities they are aware of that might get used in a negative way on Intel-based Mac systems. The term ‘zero-day’ has been given to these flaws since Apple has no idea when they were being exploited.
Apple has taken steps to address these issues, it has rolled out a software update for MacOS along with which it has also provided fixes for iPhones and iPads which are also for users who are still using older iOS 17 software.
Apple still has not been able to figure out who has been behind these attacks and a clear figure of the number of users who were affected by the same is also not known. Security Researchers at Google’s Threat Analysis Group have reported that the vulnerabilities which investigated state-sponsored cyber attacks and hacking are pointing towards a possible involvement by a government actor.
Commercial phone spyware is often employed by Cyberattacks backed by government entities for their operations. Apple regarding the vulnerabilities stated that they are related to WebKit and JavaScriptCore, the two web engines that power the Safari browser and are responsible for running web content.
It is the tendency of malicious hackers to frequently target WebKit for vulnerabilities so that they can gain access to broader device software and infiltrate the private data of the users. The security advisory has mentioned that the vulnerabilities can be exploited by deceiving susceptible Apple devices into processing maliciously crafted web content. The web content may include an email or a website, which can allow malware to be installed on the devices of the target.
Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment Policy.
