Apple recently released the iOS 16.5.1 update, which not only introduced new features but also addressed two critical security vulnerabilities. However, now the Indian government’s cybersecurity watchdog, CERT-In, has issued a warning specifically for MacBook users. The agency has identified a high-severity bug that is leaving Mac users exposed to potential risks.
The vulnerability, named CVE-2023-32439, affects Apple Safari versions prior to 16.5.1 on macOS Monterey. CERT-In explains that this flaw in Safari could allow remote attackers to execute arbitrary code on targeted systems. The vulnerability is attributed to a type of confusion error in the WebKit component.
According to CERT-In, an attacker can exploit this vulnerability by tricking the victim into opening a specially crafted file or app. Apple is aware of the issue but has not yet released a fix. As part of its security practices, Apple refrains from discussing or confirming security issues until they have been thoroughly investigated and patches or updates are made available to users.
In addition to the MacBook vulnerability, iOS 16.5.1 also addressed two critical security issues that were reportedly exploited to hack iPhones in Russia. Cybersecurity firm Kaspersky discovered these vulnerabilities and brought them to Apple’s attention. The malicious code used after the infection allowed attackers to perform various actions, such as extracting passwords from Apple’s Keychain, monitoring locations, and modifying or exporting files.
Users are advised to remain vigilant and update their devices with the latest software updates to ensure their security and protection.