Security News > 2021 > March > Apple Patches Remote Code Execution Bug in WebKit
Apple on Monday released patches for a vulnerability in WebKit that could allow attackers to execute code remotely on affected devices.
To exploit the vulnerability, an attacker would simply need to craft a webpage containing malicious code, and then lure the victim into accessing that webpage, which would trigger the execution of code onto the victim's machine.
"Processing maliciously crafted web content may lead to arbitrary code execution," Apple notes.
Once the victim accesses the attacker-crafted page, the memory corruption would be triggered, resulting in the execution of arbitrary code.
Apple has addressed the vulnerability with the release of macOS Big Sur 11.2.3, iOS 14.4.1 and iPadOS 14.4.1, watchOS 7.3.2, and Safari 14.0.3.
Apple hasn't provided information on whether the flaw is already being exploited in the wild.