Two vulnerabilities (CVE-2021-30858 and CVE-2021-30860) have been identified in certain Apple products which could allow an actor to execute arbitrary code, enabling the installation of malware or other actions on a vulnerable Apple device or computer.
Apple has released the following security advisories which contain information on the security updates and associated vulnerabilities:
Apple has released security updates to address these vulnerabilities. Owners of affected Apple products should apply the available security updates detailed in the links above as soon as possible.
Guidance on how to apply software updates to Apple products is available from the Apple security updates page.
The ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1 (1300 292 371).