Apple has introduced Immediate Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw that it mentioned has been actively exploited in the wild.
The WebKit bug, cataloged as CVE-2023-37450, could permit menace actors to obtain arbitrary code execution when processing specifically crafted web content. The iPhone maker stated it tackled the issue with enhanced checks.
Credited with discovering and reporting the flaw is an nameless researcher. As with most circumstances like this, there are scant particulars about the nature and the scale of the attacks and the identification of the risk actor powering them.
But Apple famous in a terse advisory that it is “conscious of a report that this issue may perhaps have been actively exploited.”
Forthcoming WEBINAR🔐 PAM Security – Pro Alternatives to Secure Your Sensitive Accounts
This skilled-led webinar will equip you with the know-how and strategies you want to change your privileged access security approach.
Reserve Your Place
The updates, iOS 16.5.1 (a), iPadOS 16.5.1 (a), macOS Ventura 13.4.1 (a), and Safari 16.5.2, are readily available for gadgets operating the pursuing functioning procedure variations:
- iOS 16.5.1 and iPadOS 16.5.1
- macOS Ventura 13.4.1
- macOS Large Sur and macOS Monterey
Apple has resolved 10 zero-day vulnerabilities in its program given that the commence of 2023. It also arrives months immediately after the enterprise rolled out patches to resolve 3 zero-days, two of which have been weaponized by unidentified actors in relationship with an espionage marketing campaign termed Procedure Triangulation.
Found this article appealing? Follow us on Twitter and LinkedIn to study more special written content we publish.
Some sections of this post are sourced from: