Security News > 2021 > March > Apple devices get urgent patch for zero-day exploit – update now!
Apple has just pushed out an emergency "One-bug" security update for its mobile devices, including iPhones, iPads and Apple Watches.
Just like the last emergency Apple patch, this vulnerability affects WebKit, Apple's core web browser code.
As a result, even browsers such as Firefox, as well as Google Chrome and Microsoft Edge, are forced to rely internally on WebKit when they run on Apple devices.
The Same Origin Policy dictates that only web content served up by website X is allowed to access stored data, such as web cookies, that relate to site X. As you probably know, web cookies and local web storage exist so that websites can keep track of you between visits.
As you can imagine, if website X could send out JavaScript code to access the cookies and local web data of website Y, that would be a security disaster.
You need to patch the vulnerability for yourself, because the bug is in your browser, not in any individual web server.
News URL
Related news
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch (source)
- Emergency patch: Cisco fixes bug under exploit in brute-force attacks (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)