Security News > 2021 > March > Apple devices get urgent patch for zero-day exploit – update now!
Apple has just pushed out an emergency "One-bug" security update for its mobile devices, including iPhones, iPads and Apple Watches.
Just like the last emergency Apple patch, this vulnerability affects WebKit, Apple's core web browser code.
As a result, even browsers such as Firefox, as well as Google Chrome and Microsoft Edge, are forced to rely internally on WebKit when they run on Apple devices.
The Same Origin Policy dictates that only web content served up by website X is allowed to access stored data, such as web cookies, that relate to site X. As you probably know, web cookies and local web storage exist so that websites can keep track of you between visits.
As you can imagine, if website X could send out JavaScript code to access the cookies and local web data of website Y, that would be a security disaster.
You need to patch the vulnerability for yourself, because the bug is in your browser, not in any individual web server.
News URL
Related news
- Apple Patches Two Zero-Day Attack Vectors (source)
- RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Mitel MiCollab zero-day flaw gets proof-of-concept exploit (source)
- Mitel MiCollab zero-day and PoC exploit unveiled (source)
- New Windows zero-day exposes NTLM credentials, gets unofficial patch (source)
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Zero-day exploits plague Ivanti Connect Secure appliances for second year running (source)
- Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)