Apple Alerts Users: Zero-Day Vulnerability Under Active Exploitation
Austin JayThis is an essential warning if you possess an iPad, iPhone, or Mac: update your device right away.
Apple has released Safari 17.1 for macOS Monterey and macOS Ventura, iOS and iPadOS 17.1.2, and macOS Sonoma 14.1.2 in order to fix two serious WebKit vulnerabilities that affect Safari on Mac and all iPhone and iPad browsers.
Users and security experts were unaware of these zero-day vulnerabilities until recently. They "may have been exploited against versions of iOS before iOS 16.7.1," released in November to address a different zero-day vulnerability.
Whether this could be exploited on Macs is still unknown. This is Apple's 20th zero-day patch for 2023.
Apple has begun development on tvOS 17.2 and watchOS 10.2, which should be released with the exact necessary upgrade in about a week.
Clément Lecigne of Google's Threat Analysis Group found these WebKit fixes. Make sure your devices have the most recent software updates installed to stay safe and up to date.
Apple has discovered severe flaws in WebKit that affect devices running iOS 16.7.1 and lower. Sensitive information may be exposed due to one problem when processing online content, and user information may be at risk from another by enabling arbitrary code execution.
One vulnerability is an out-of-bounds read that could reveal private data.
At the same time, the other is a memory corruption issue that could give attackers the power to run any code they want. Apple improved its locking and validation systems in order to address these problems.
Comparably, Google addressed seven security vulnerabilities, some exploited in real-world situations, in an urgent Chrome update for Mac.
Update your device as soon as possible to make it safer by going to General and Software Update under Settings on an iPhone, iPad, or Mac system settings.
Go to System Preferences, then Software Update on older Macs.
It's essential to keep your devices updated with the most recent updates if you want to protect yourself from security risks.
Also Read: How to Extend Your Android's Battery Life: Double it with One Simple Setting
Apple has also released Safari 17.1.2, targeting users on older macOS Monterey and macOS Ventura versions to address these newly discovered zero-day vulnerabilities.
Although the actors behind the exploitation remain unidentified, neither Apple nor Google have disclosed specific details about the nature of these vulnerabilities or their perpetrators.
Recently, Google resolved its zero-day issue in Chrome, acknowledging the existence of an exploit already in the wild.
Google's security expert Maddie Stone highlighted on X, formerly known as Twitter that the Chrome vulnerability was swiftly fixed within four days. Similarly, Apple took less than a week to address the bug reported by Google's researchers, demonstrating a prompt response to security concerns.
Throughout the year, the IT giant addressed 19 zero-day vulnerabilities, but seventeen vulnerabilities remain unresolved.
These include CVE-2023-5217 from October 2023, CVE-2023-41993, CVE-2023-41991, and CVE-2023-41992 from September 2023, alongside CVE-2023-41064 and CVE-2023-41061 from the same month.
July 2023 contributes CVE-2023-37450 and CVE-2023-38606, while June 2023 presents CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439.
May 2023 introduces CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373, followed by April 2023's CVE-2023-28206 and CVE-2023-28205.
Lastly, February 2023 includes CVE-2023-23529.
Related Article: Apple Music Replay: Access Your 2023 Highlights Now!
most read
related stories
more stories from News
Discover the key features and security enhancements of Apple's iOS 17.5 update.
ernest hamiltonDiscover top iPhone apps that let you earn real money by playing games, scanning receipts, and staying active.
ernest hamiltonSamsung has reached a remarkable milestone, shipping nearly 3 billion smartphones since 2014. Discover how the tech giant's decade-long dominance and innovative advancements have solidified its leadership in the global smartphone market.
ernest hamiltonLearn about Apple's settlement in the class-action lawsuit over iPhone 7 audio issues, offering up to $349 compensation for eligible users. Dive into the details and implications of this landmark agreement.
ernest hamiltonThousands of Apple users experienced a major iMessage outage on Thursday evening, impacting communication across the U.S., Canada, and the U.K. Downdetector reported over 13,000 disruptions starting at 6 p.m. ET. Stay updated with the latest developments and potential fixes.
ernest hamiltonDelve into the complexities of managing screen time for children as parents navigate between practicality and idealism.
ernest hamiltonDiscover why the Pixel 7a outperforms the new Pixel 8a in this detailed comparison. Learn about the advantages in affordability, color options, and feature parity. Read now to make an informed choice!
ernest hamiltonDiscover the future of smartphone audio with Moondrop's MIAD 01. Explore its dual audio jacks and premium DACs in this in-depth review. Ready to elevate your music experience? Read now!
ernest hamilton