Security News > 2022 > December > Apple fixes new Webkit zero-day used in attacks against iPhones
In security updates released today, Apple has fixed the tenth zero-day vulnerability since the start of the year, with this latest one actively used in attacks against iPhones.
The vulnerability was disclosed in security bulletins released today for iOS/iPadOS 15.7.2, Safari 16.2, tvOS 16.2, and macOS Ventura 13.1, with Apple warning that the flaw "May have been actively exploited" against previous versions.
While Apple has disclosed that threat actors actively exploited the vulnerability, they have yet to provide any details on the attacks.
In August, it fixed two more zero-days in the iOS Kernel and WebKit In March, Apple patched two zero-day in the Intel Graphics Driver and AppleAVD. In February, Apple released security updates to address another WebKit zero-day bug exploited to target iPhones, iPads, and Macs.
News URL
Related news
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Apple backports zero-day patches to older iPhones and Macs (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Broadcom fixes three VMware zero-days exploited in attacks (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks (source)