Apple issues update for Mac users targeted in zero-day cyber attack

San Francisco, Nov 20
Apple has issued a software update for bugs 'actively exploited' by cyber-criminals in targeting Intel-based Mac systems.

In a security advisory, the tech giant said it was aware of two vulnerabilities that “may have been actively exploited on Intel-based Mac systems.”

These bugs are considered “zero day” vulnerabilities. To fix those, Apple released a software update for macOS (called macOS Sequoia 15.1.1), as well as fixes for iPhones and iPads, including users running the older iOS 17 software.

“Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems,” said the company.

The issue was addressed with improved checks, it added. It’s not yet known who is behind the attacks targeting Mac users, or how many Mac users have been targeted.

The vulnerabilities were reported by security researchers at Google’s Threat Analysis Group.

These vulnerabilities relate to WebKit and JavaScriptCore, the web engines that power the Safari browser and for running web content.

Apple users should update their iPhones, iPads, and Macs as soon as possible.

In July, the tech giant Apple issued a fresh warning to iPhone users in at least 98 countries, including in India, about a potential new mercenary spyware attack like 'Pegasus'.

According to the Apple warning, it detected that “you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID”.

In the warning, the iPhone maker further said that this attack is “likely targeting you specifically because of who you are or what you do”.

In April this year, the tech giant sent threat notifications to select users in 92 countries, including some in India, who may have been targeted using ‘mercenary spyware’ like Pegasus from the NSO Group.