![]() Apple has acknowledged exploiting the security flaw and advises users to update as soon as possible. Such as Safari, Mail, the App Store, and certain Linux distributions.Īn attacker might leverage the flaw to parse malicious web content and run programmes on a user’s PC at will. The update addressed a critical security weakness in WebKit, the Web browser engine used by programmes. ![]() In addition, the macOS Catalina 2022-001 addressed the WebKit vulnerability in the WebKit rendering engine.Īpple published macOS 12.2.1 Monterey earlier this week, a significant update. These improvements came only a few days after Apple published security fixes for Safari 15.3 in macOS Big Sur (version 11.6.3). Unfortunately, both lack publicly available CVE (Common Vulnerabilities and Exposures) information. At the same time, the update for macOS Catalina has firmware version 2022-002. These two security patches for all users were on the market shortly after the WebKit security-related updates.Īpple Launches MacBook Air, MacBook Pro, and Mac Mini: See Indian Prices And Release Dates Here Details of macOS big surĪccording to the information provided by Apple, the update for macOS Big Sur has firmware version 2022-002. In January, the Cupertino-based business issued WebKit security-related upgrades for both macOS Big Sur and macOS Catalina. The firm hasn’t stated which particular security concerns the current patches address, but it’s safe to assume that the changes make macOS a more secure operating system overall. Apple has published patches for macOS Big Sur and macOS Catalina, respectively. The release of macOS 12.2.1 Monterey addressed a critical security hole in the operating system. This article was updated on July 11 to reflect that Apple's Rapid Security Response update was causing issues for end users.Security update in Apple macOS big sur 11.6.4, Catalina 20202. And in March, Google TAG and Amnesty International disclosed a pair of spyware campaigns that were leveraging iOS and Android zero day exploit chains to target victims across the globe. In April, the company warned of two bugs that were being actively exploited in iOS, macOS, and Safari, including one in the IOSurfaceAccelerator (CVE-2023-28206) and the other in the WebKit framework (CVE-2023-28205). ![]() Apple said that a fixed version of the update, Rapid Security Responses iOS 16.5.1 (b), iPadOS 16.5.1 (b), and macOS 13.4.1 (b), will soon be available.Īpple has fixed a number of other zero-day flaws overall in the past few months. On Tuesday, the company gave users the option to remove the Rapid Security Response, confirming that it caused some issues that might prevent some websites from displaying properly. They may also be used to mitigate some security issues more quickly, such as issues that might have been exploited or reported to exist 'in the wild.'" "They deliver important security improvements between software updates-for example, improvements to the Safari web browser, the WebKit framework stack, or other critical system libraries. "Rapid Security Responses are a new type of software release for iPhone, iPad, and Mac," according to Apple. The fix was released on Monday as part of Apple’s Rapid Security Response program, its new software release for iPhones, iPads and Macs that aims to ship security fixes to end users more frequently, and that is enabled by default on devices. ![]() WebKit has been a common target for threat actors as many previously exploited vulnerabilities have been reported in this component, including three flaws reported by Apple in May that impacted certain Mac, iPhone and Safari users. WebKit is the web browser engine developed by Apple and used by Safari, Mail, App Store, and many other apps on macOS, iOS and Linux. “Apple is aware of a report that this issue may have been actively exploited.” “Processing web content may lead to arbitrary code execution,” according to Apple’s update. Apple did not give further details on the flaw tied to CVE-2023-37450 other than to say that it was discovered by an anonymous researcher, that it could lead to arbitrary code execution and that the issue was addressed with improved checks. The update for the flaw (CVE-2023-37450) is available for iOS 16.5.1, macOS Ventura 13.4.1 and iPadOS 16.5.1. UPDATE - Apple has released an emergency update fixing an actively exploited security flaw in WebKit that impacts iOS, macOS and iPadOS. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |