Apple fixed two security bugs on Tuesday that were being used in active cyberattacks against Mac users. The company said the fixes are “recommended for all users.”
A website security alert from Apple said the company knew of two holes that “may have been actively exploited on Intel-based Mac systems.” The bugs are called “zero day” flaws because Apple didn’t know about them until they were used.
For macOS, Apple launched a software update that fixed the bugs. iPhones and iPads, even those with the older iOS 17 software, also got fixes.
As of now, no one knows who is behind the attacks on Mac users, how many have been attacked, or if any have been able to get into their computers. Security experts at Google’s Threat Analysis Group found the holes. This group looks into hacking and cyberattacks that are supported by the government, which suggests that the attacks may have been carried out by the government. Commercial phone spyware is sometimes used in hacks that are backed by the government.
When asked about the bugs themselves, Apple said the holes are in WebKit and JavaScriptCore, the web engines that run web content and the Safari browser. Bad people often try to break into WebKit by looking for security holes in the engine. This lets them get into the device’s other software and access the user’s private information.
As stated in the security warning, the bugs can be used to install malware on a target’s device by tricking Apple devices that are weak into processing maliciously made web content, like a website or email. This can lead to arbitrary code execution.
Also Read: Researchers Confirm That a New Security Feature From Apple Restarts Iphones After 3 Days
Apple users should quickly patch their iPhones, iPads, and Macs.
What do you say about this story? Visit Parhlo World For more.
