Security News > 2021 > March > Apple devices get urgent patch for zero-day exploit – update now!
Apple has just pushed out an emergency "One-bug" security update for its mobile devices, including iPhones, iPads and Apple Watches.
Just like the last emergency Apple patch, this vulnerability affects WebKit, Apple's core web browser code.
As a result, even browsers such as Firefox, as well as Google Chrome and Microsoft Edge, are forced to rely internally on WebKit when they run on Apple devices.
The Same Origin Policy dictates that only web content served up by website X is allowed to access stored data, such as web cookies, that relate to site X. As you probably know, web cookies and local web storage exist so that websites can keep track of you between visits.
As you can imagine, if website X could send out JavaScript code to access the cookies and local web data of website Y, that would be a security disaster.
You need to patch the vulnerability for yourself, because the bug is in your browser, not in any individual web server.
News URL
Related news
- New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971) (source)
- Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- Malware exploits 5-year-old zero-day to infect end-of-life IP cameras (source)
- North Korean hackers exploit Chrome zero-day to deploy rootkit (source)
- North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit (source)
- September 2024 Patch Tuesday forecast: Downgrade is the new exploit (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Adobe fixes Acrobat Reader zero-day with public PoC exploit (source)