Apple Alerts Users: Zero-Day Vulnerability Under Active Exploitation
Austin JayThis is an essential warning if you possess an iPad, iPhone, or Mac: update your device right away.
Apple has released Safari 17.1 for macOS Monterey and macOS Ventura, iOS and iPadOS 17.1.2, and macOS Sonoma 14.1.2 in order to fix two serious WebKit vulnerabilities that affect Safari on Mac and all iPhone and iPad browsers.
Users and security experts were unaware of these zero-day vulnerabilities until recently. They "may have been exploited against versions of iOS before iOS 16.7.1," released in November to address a different zero-day vulnerability.
Whether this could be exploited on Macs is still unknown. This is Apple's 20th zero-day patch for 2023.
Apple has begun development on tvOS 17.2 and watchOS 10.2, which should be released with the exact necessary upgrade in about a week.
Clément Lecigne of Google's Threat Analysis Group found these WebKit fixes. Make sure your devices have the most recent software updates installed to stay safe and up to date.
Apple has discovered severe flaws in WebKit that affect devices running iOS 16.7.1 and lower. Sensitive information may be exposed due to one problem when processing online content, and user information may be at risk from another by enabling arbitrary code execution.
One vulnerability is an out-of-bounds read that could reveal private data.
At the same time, the other is a memory corruption issue that could give attackers the power to run any code they want. Apple improved its locking and validation systems in order to address these problems.
Comparably, Google addressed seven security vulnerabilities, some exploited in real-world situations, in an urgent Chrome update for Mac.
Update your device as soon as possible to make it safer by going to General and Software Update under Settings on an iPhone, iPad, or Mac system settings.
Go to System Preferences, then Software Update on older Macs.
It's essential to keep your devices updated with the most recent updates if you want to protect yourself from security risks.
Also Read: How to Extend Your Android's Battery Life: Double it with One Simple Setting
Apple has also released Safari 17.1.2, targeting users on older macOS Monterey and macOS Ventura versions to address these newly discovered zero-day vulnerabilities.
Although the actors behind the exploitation remain unidentified, neither Apple nor Google have disclosed specific details about the nature of these vulnerabilities or their perpetrators.
Recently, Google resolved its zero-day issue in Chrome, acknowledging the existence of an exploit already in the wild.
Google's security expert Maddie Stone highlighted on X, formerly known as Twitter that the Chrome vulnerability was swiftly fixed within four days. Similarly, Apple took less than a week to address the bug reported by Google's researchers, demonstrating a prompt response to security concerns.
Throughout the year, the IT giant addressed 19 zero-day vulnerabilities, but seventeen vulnerabilities remain unresolved.
These include CVE-2023-5217 from October 2023, CVE-2023-41993, CVE-2023-41991, and CVE-2023-41992 from September 2023, alongside CVE-2023-41064 and CVE-2023-41061 from the same month.
July 2023 contributes CVE-2023-37450 and CVE-2023-38606, while June 2023 presents CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439.
May 2023 introduces CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373, followed by April 2023's CVE-2023-28206 and CVE-2023-28205.
Lastly, February 2023 includes CVE-2023-23529.
Related Article: Apple Music Replay: Access Your 2023 Highlights Now!
most read
related stories
more stories from News
Experience AI-enhanced One UI 6.1 on your Galaxy Z Fold 4. Upgrade now for smarter interactions and enhanced user experience!
ernest hamiltonBumble's dynamic shift: Women no longer need to make the first move. Explore automated conversation starters and new dynamics!
ernest hamiltonDiscover the latest leaked specs for the Sony Xperia 1 VI, including cameras, chipset, and battery details. Stay updated!
ernest hamiltonThe Rabbit R1 appears to be just an Android app, despite earlier speculations. Read more about Rabbit's denial.
ernest hamiltonGoogle introduces a playful twist to calls with audio emojis, including a fart button. Discover the fun!
ernest hamiltonDiscover how Apple's Safari AI upgrade is revolutionizing browsing. Click to stay ahead with the latest tech insights!
ernest hamiltonStay updated on Apple's efforts to fix iPhone alarm silence bug. Read more for the latest on this critical issue!
ernest hamiltonGoogle transitions Fitbit Pay to Google Wallet worldwide, streamlining payment experiences. Stay informed on this significant development!
ernest hamilton