CERT-In Detects Threats With High Severity in iPhone, iPad, Mac, ChromeOS and Firefox Browser

[Pelican Press 0]

This is the hidden content, please

• Sign In
• or
• Sign Up

CERT-In Detects Threats With High Severity in iPhone, iPad, Mac, ChromeOS and Firefox Browser

The Indian Computer Emergency Response Team (CERT-In) appointed by the Ministry of Electronics and Information Technology has found multiple vulnerabilities of high severity in iOS, iPadOS, and macOS by Apple as well as

This is the hidden content, please

• Sign In
• or
• Sign Up

’ ChromeOS and Mozilla’ Firefox Internet browser. iOS is an operating system for iPhone models, iPadOS runs on iPad models, and macOS powers the Mac machines. As per the nodal agency, these vulnerabilities can be used to bypass security restrictions and cause denial-of-service (DoS) attacks rendering the devices unusable.

Mac machines running on macOS Catalina with security update prior to 2022-005, macOS Big Sur versions prior to 11.6.8, and macOS Monterey versions prior to 12.5 are at risk,

This is the hidden content, please

• Sign In
• or
• Sign Up

CERT-In. The vulnerabilities in macOS versions as well as iOS and iPadOS could be exploited by a remote attacker by persuading a victim to visit a malicious website. The cybercriminal can ******** arbitrary code, bypass security restrictions, and cause DoS conditions on the targeted system.

The macOS vulnerabilities exist due to out-of-bounds read in AppleScript, SMB and Kernel, out-of-bounds write in Audio, ICU, PS Normalizer, GU Drivers, SMB and WebKit. Authorisation issues have been found in AppleMobileFileIntegrity; information disclosure in the Calendar and iCloud Photo Library.

Similar vulnerabilities

This is the hidden content, please

• Sign In
• or
• Sign Up

in iOS and iPadOS versions prior to 15.6. The macOS vulnerabilities exist due to out-of-bounds write in Audio, ICU, GPU Drivers, and WebKit, out-of-bounds read in ImageIO and Kernel, authorisation issues have been found in AppleMobileFileIntegrity; information disclosure in the Calendar and iCloud Photo Library, among others.

In

This is the hidden content, please

• Sign In
• or
• Sign Up

, versions prior to 103, ESR versions prior to 102.1 and 91.12 have been found vulnerable. The vulnerabilities exist due to Memory safety bugs within the browser engine, preload cache bypasses subresource integrity, ***** of cross-site resource redirecting information while using the Performance API, among others. These loopholes may provide an attacker access to sensitive information on the targeted system.

The

This is the hidden content, please

• Sign In
• or
• Sign Up

pose a pretty similar threat as Firefox. The vulnerabilities exist in

This is the hidden content, please

• Sign In
• or
• Sign Up

ChromeOS LTS channel versions prior to 96.0.4664.215 due to out-of-bounds read in the compositing component, incorrect implementation in Extension API, use-after-free error within the Blink XSLT component, among others.

CERT-In says these vulnerabilities can be fixed by installing software updates. Users of these operating systems and Mozilla Firefox are advised to install the software patches as soon as they can.

---

Affiliate links may be automatically generated – see our ethics statement for details.

This is the hidden content, please

• Sign In
• or
• Sign Up

#CERTIn #Detects #Threats #High #Severity #iPhone #iPad #Mac #ChromeOS #Firefox #Browser

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up