The alerts highlight security flaws in Apple’s productivity apps and Google’s Chrome browser for desktop computers.
CERT-In has urged individuals and organisations to apply the latest software updates
Photo Credit: Unsplash/firmbee
The Indian Computer Emergency Response Team (CERT-In) has issued security advisories warning users of macOS and Google Chrome about vulnerabilities that could expose systems to data theft or full compromise if left unpatched. The alerts highlight security flaws in Apple's productivity apps and Google's desktop browser that may be exploited through malicious files or crafted requests. CERT-In has urged individuals and organisations to apply the latest software updates, noting that delayed patching could increase the risk of unauthorised access, information disclosure, or broader system compromise across affected platforms.
In its advisory dated January 29, CERT-In warned macOS users about multiple vulnerabilities affecting Apple's Pages and Keynote applications. Tracked under Vulnerability Note CIVN-2026-0056, the issues impact Pages and Keynote versions before 15.1. According to CERT-In, the flaws stem from an out-of-bounds read issue in Pages and an error in the QuickLook component used by Keynote.
Attackers could exploit these weaknesses by persuading users to open specially crafted documents, potentially leading to unauthorised access to sensitive information. Apple addressed the issues in Pages 15.1 and Keynote 15.1, released on January 28, for macOS Sequoia 15.6 and later. The vulnerabilities are tracked as CVE-2025-46316 and CVE-2025-46306.
Separately, CERT-In has flagged a high-severity remote code execution vulnerability in Google Chrome for desktop platforms. The advisory, CIVN-2026-0051, issued on January 28, affects Chrome versions before 144.0.7559.109 or 144.0.7559.110 on Windows and macOS, and versions older than 144.0.7559.109 on Linux.
CERT-In said the flaw is caused by an inappropriate implementation in Chrome's Background Fetch API, which could be exploited through a specially crafted request to execute arbitrary code on a targeted system.
The note categorised the Chrome vulnerability as high risk, warning that successful exploitation could result in system compromise or service disruption. Google has addressed the issue in its latest Stable Channel update, released on January 27. The vulnerability is tracked as CVE-2026-1504.
CERT-In has advised users to promptly install the latest updates from Apple and Google and to refer to official security release notes for further information.
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.