Security News > 2021 > March > Apple Patches Remote Code Execution Bug in WebKit

Apple Patches Remote Code Execution Bug in WebKit
2021-03-09 17:35

Apple on Monday released patches for a vulnerability in WebKit that could allow attackers to execute code remotely on affected devices.

To exploit the vulnerability, an attacker would simply need to craft a webpage containing malicious code, and then lure the victim into accessing that webpage, which would trigger the execution of code onto the victim's machine.

"Processing maliciously crafted web content may lead to arbitrary code execution," Apple notes.

Once the victim accesses the attacker-crafted page, the memory corruption would be triggered, resulting in the execution of arbitrary code.

Apple has addressed the vulnerability with the release of macOS Big Sur 11.2.3, iOS 14.4.1 and iPadOS 14.4.1, watchOS 7.3.2, and Safari 14.0.3.

Apple hasn't provided information on whether the flaw is already being exploited in the wild.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/vktUeE_PkPg/apple-patches-remote-code-execution-bug-webkit

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349
Webkit 2 0 1 6 0 7