Microsoft advises millions of Apple users to update Safari to stop this dangerous threat
Everyone is paying close attention because the issue affecting macOS users has come to light and comes with a seal and warning from Microsoft. The vulnerability, called “HM Surf,” could allow attackers to access users’ private data without their knowledge, including web pages visited, camera images, microphone audio, and even the device’s location.
This security flaw is known to primarily affect macOS devices managed by businesses through mobile device management (MDM) systems.
The trick is to bypass TCC protection and take control of Safari, Apple's default browser, which would allow them to access data on the device that is usually protected and deliver it to a potential attacker.
The good news is that Apple has already released a patch to fix this issue. The update, named CVE-2024-44133, was included in the macOS Sequoia security updates released on September 16, 2024. Accordingly, Microsoft advises all macOS users to install this update as soon as possible to protect themselves.
If you as a user are currently using another browser like Chrome, Firefox or Edge, you are safe from this particular issue, as these browsers do not have the same privileges as Safari on macOS. If these browsers want to access sensitive features, you will always see a window asking for your permission.