[ad_1]
Apple released security updates on Tuesday that it says are “recommended for all users,” after fixing a pair of security bugs used in active cyberattacks targeting Mac users.
Apple said in a security warning on its website He was aware of two weaknesses “It may be actively exploited on Intel-based Mac systems.” To fix the bugs, Apple has released a macOS software update, as well as fixes for iPhone and iPad, including for users using older versions iOS 17 software.
It’s not yet known who is behind the attacks targeting Mac users, how many Mac users have been targeted – or whether any have been successfully hacked. The vulnerabilities were reported by security researchers in Google’s threat analysis group, which investigates government-backed hacks and cyberattacks, suggesting a government entity may be involved in the attacks. Government-backed cyberattacks sometimes involve the use of commercial phone spyware.
As for the bugs themselves, Apple said the vulnerabilities are related to WebKit and JavaScriptCore, the web engines that power the Safari browser and playback web content. WebKit is a frequent target of malicious hackers, who target the engine for vulnerabilities as a way to break into a device’s broader software and leverage a user’s private data.
The security advisory says the bugs could be exploited by tricking vulnerable Apple devices into processing maliciously crafted web content, such as a website or email, to initiate execution of arbitrary code, potentially allowing malware to be planted on the target’s device.
Users should update their iPhone, iPad, and Mac devices as soon as possible.
Apple did not comment when contacted by TechCrunch on Tuesday.
[ad_2]