Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

November 20, 2024 at 12:18AM Apple has released security updates for multiple operating systems to fix two actively exploited zero-day vulnerabilities: CVE-2024-44308, allowing arbitrary code execution, and CVE-2024-44309, enabling cross-site scripting (XSS) attacks. Users are urged to update their devices promptly to mitigate security risks. **Meeting Takeaways: November 20, 2024 – Security Updates on Zero-Day … Read more

About the security content of macOS Monterey 12.7.6 – Apple Support

October 15, 2024 at 02:03PM Apple released a security update for macOS Monterey 12.7.6 on July 29, 2024, addressing multiple vulnerabilities. Key improvements include enhanced data access restrictions, memory handling, and input validation. These changes mitigate risks of sensitive data leakage, unexpected app termination, and unauthorized access, significantly improving system security. ### Meeting Notes Takeaways … Read more

About the security content of macOS Sequoia 15 – Apple Support

October 13, 2024 at 02:30PM Apple’s macOS Sequoia 15, releasing on September 16, 2024, addresses multiple vulnerabilities through improved permissions, memory handling, and data redaction. Updates are available for various Mac models, enhancing user data security by minimizing unauthorized access and modifications, thereby reducing potential privacy risks for sensitive information. ### Meeting Takeaways **Release Overview:** … Read more

Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’

June 11, 2024 at 09:52AM Apple released visionOS 1.2 to address numerous vulnerabilities, with the standout CVE-2024-27812 specific to the Vision Pro headset. The update also prompted new security advisories for iOS, macOS, and other products, consolidating CVEs. The vulnerabilities could lead to code execution, information disclosure, and DoS, with the acknowledged researcher considering it … Read more

Apple backports fix for RTKit iOS zero-day to older iPhones

May 13, 2024 at 05:50PM Apple has backported security patches to older iPhones and iPads, fixing an iOS Kernel zero-day vulnerability actively exploited in attacks. The flaw allows attackers to bypass memory protections. The company also addressed two other zero-day vulnerabilities and added support for unwanted tracking alerts in the latest iOS update. From the … Read more

Apple fixes first zero-day bug exploited in attacks this year

January 22, 2024 at 02:25PM Apple released security updates to address the first zero-day vulnerability of the year, tracked as CVE-2024-23222, impacting iPhones, Macs, and Apple TVs. The WebKit confusion issue could be exploited by attackers, leading to arbitrary code execution. Devices running vulnerable iOS, macOS, and tvOS versions are affected. Security updates are available … Read more