Security News > 2022 > August > Apple releases Safari 15.6.1 to fix zero-day bug used in attacks
Apple has released Safari 15.6.1 for macOS Big Sur and Catalina to fix a zero-day vulnerability exploited in the wild to hack Macs.
"Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited," warns Apple in a security bulletin released today.
Apple says they fixed the bug through improved bounds checking.
Apple says the vulnerability was disclosed by a researcher who wishes to remain anonymous.
This zero-day vulnerability is the same one that was patched by Apple yesterday for macOS Monterey and iPhone/iPads.
Apple has not provided details on how the vulnerability is being used in attacks other than saying that it "May have been actively exploited."
News URL
Related news
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- New Apple CPU side-channel attacks steal data from browsers (source)
- SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon (source)
- New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits (source)
- Google fixes Android kernel zero-day exploited in attacks (source)