Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws

November 30, 2023 at 11:36PM Apple rolled out updates for iOS, iPadOS, macOS, and Safari to fix two actively exploited WebKit vulnerabilities. These flaws could potentially leak sensitive data and enable arbitrary code execution. The affected versions precede iOS 16.7.1, and all WebKit-based browsers on Apple devices are impacted. Devices from iPhone XS and certain … Read more

Apple Patches WebKit Flaws Exploited on Older iPhones

November 30, 2023 at 02:54PM Apple’s security team reports that older iOS versions, prior to 16.7.1, were exploited due to flaws CVE-2023-42916 and CVE-2023-42917. Patches for these WebKit vulnerabilities have been released for affected iPhones. Meeting Takeaways: 1. Apple’s security response team has identified that vulnerabilities designated as CVE-2023-42916 and CVE-2023-42917 have been exploited. 2. … Read more

Apple fixes two new iOS zero-days in emergency updates

November 30, 2023 at 02:49PM Apple has patched 20 zero-day vulnerabilities in 2023, recently addressing two allowing attackers to exploit iPhones, iPads, and Macs via WebKit. The flaws enabled data access and code execution. Updates were issued for various devices and macOS versions. Google TAG identified the exploits, which historically targeted high-risk individuals. Clear Takeaways … Read more

About the security content of Safari 17.1.2 – Apple Support

November 30, 2023 at 01:54PM Apple addressed two WebKit vulnerabilities (CVE-2023-42916 and CVE-2023-42917) affecting pre-iOS 16.7.1 devices. Improved validation fixes an out-of-bounds read and improved locking resolves a memory corruption issue. Updates are available for macOS Monterey and Ventura. Potential exploitation of both issues has been reported. Takeaways from the meeting: 1. An Apple advisory … Read more

About the security content of iOS 17.1.2 and iPadOS 17.1.2 – Apple Support

November 30, 2023 at 01:42PM Apple addressed two WebKit vulnerabilities (CVE-2023-42916 and CVE-2023-42917) that potentially leaked information and allowed code execution on older iOS versions. Updates for iPhones starting from XS and various iPad models are available to mitigate these issues. Reported exploitation exists against iOS versions before 16.7.1. Meeting Takeaways: 1. Apple has addressed … Read more

Apple Ships Major iOS, macOS Security Updates

October 25, 2023 at 03:57PM Apple released major security updates for macOS and iOS, addressing numerous vulnerabilities that could potentially lead to hacker attacks. The updates address a total of 21 iOS security vulnerabilities and 44 macOS flaws, including code execution and data exposure issues. Apple also patched an already-exploited vulnerability reported by Kaspersky. The … Read more