.jpg)
CERT-In Warns macOS and Chrome Users of High-Risk Security Vulnerabilities
CERT-In has issued a high-risk security advisory warning macOS and Google Chrome users about serious vulnerabilities. These vulnerabilities in Apple's productivity apps and the Chrome desktop browser could lead to data theft or system-wide compromise. Users are urged to patch their software immediately to prevent unauthorized access and information leakage.
Indian Computer Emergency Response Team (CERT In) has released a security alert for users of macOS and Google Chrome. In the alert, CERT In has cautioned users of possible security threats that may be experienced if updates are not installed on time. In the alert, it was noted that there are security flaws in Apple's productivity applications and Google's desktop browser that can be exploited by hackers through malicious files or requests. In conclusion, it was noted that delays in updating the applications may lead to system-wide compromise or data leakage.
In an advisory issued on January 29, CERT-In, an Indian government cybersecurity response center, issued an alert to macOS users about several vulnerabilities found in Apple’s Pages and Keynote applications. These vulnerabilities have been identified under vulnerability note CIVN-2026-0056, which affects Pages and Keynote versions prior to version 15.1. According to CERT-In, these vulnerabilities are caused by an out-of-bounds read issue in Pages and an error in the QuickLook component used by Keynote.
Attackers could exploit these vulnerabilities by persuading users to open specially crafted documents, thereby gaining unauthorized access to sensitive information. Apple fixed these issues in Pages 15.1 and Keynote 15.,1 released on January 28th for macOS Sequoia 15.6 and later. These vulnerabilities are tracked as CVE-2025-46316 and CVE-2025-46306.
Want to get your story featured as above? click here!
Want to get your story featured as above? click here!
In addition, CERT-In has flagged a high-severity remote code execution vulnerability in Google Chrome for desktop platforms. The advisory, CIVN-2026-0051, issued on January 28th affects versions of Chrome earlier than 144.0.7559.109 or 144.0.7559.110 on Windows and macOS, and versions earlier than 144.0.7559.109 on Linux.
CERT-In stated that the flaw is due to an incorrect implementation of Chrome's background fetch API, which could be exploited to execute arbitrary code on the target system through a specially crafted request.
The note categorizes the Chrome vulnerability as high-risk and warns that successful exploitation could lead to system compromise or service disruption. Google fixed the issue in its latest stable channel update, released on January 27th. The vulnerability is tracked as CVE-2026-1504.
CERT-In advises users to immediately install the latest updates from Apple and Google and consult the official security release notes for more information.
