Security News > 2022 > February > Apple zero-day drama for Macs, iPhones and iPads – patch now!
Here on Naked Security, we've been lamenting the mysterious nature of Apple's security updates for ages.
In the sudo bug case, Apple did eventually come to the party, and updated its own products in September.
That's where Apple users are today, following last night's release of emergency updates for macOS, iOS and iPadOS. If this were a Microsoft patch, we'd probably be referring to it as "Out of band", a jargon term commonly used to denote that an update is a critical one-off that just couldn't wait for the next round of scheduled updates, and therefore doesn't fit into the expected cycle.
Bugs in WebKit also affect every browser on iPhones and iPads, even non-Apple browsers like Firefox, Edge and Chrome, because Apple won't allow other vendors' browsers into the App Store if they bring their own low-level browser engine with them: under the surface, it's WebKit or nothing.
Update to Safari 15.3*: For users of the previous two macOS versions, Catalina and Big Sur, the patch comes as a Safari-only update, and doesn't change your operating system build number.
In the list above, you'll note that we wrote Safari 15.3* for Catalina and Big Sur users, which is how Apple denotes the patch in its own bulletin.
News URL
Related news
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- Fraudsters imprisoned for scamming Apple out of 6,000 iPhones (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- Apple Patches Two Zero-Day Attack Vectors (source)