Security News > 2022 > December > Apple fixes new Webkit zero-day used in attacks against iPhones
In security updates released today, Apple has fixed the tenth zero-day vulnerability since the start of the year, with this latest one actively used in attacks against iPhones.
The vulnerability was disclosed in security bulletins released today for iOS/iPadOS 15.7.2, Safari 16.2, tvOS 16.2, and macOS Ventura 13.1, with Apple warning that the flaw "May have been actively exploited" against previous versions.
While Apple has disclosed that threat actors actively exploited the vulnerability, they have yet to provide any details on the attacks.
In August, it fixed two more zero-days in the iOS Kernel and WebKit In March, Apple patched two zero-day in the Intel Graphics Driver and AppleAVD. In February, Apple released security updates to address another WebKit zero-day bug exploited to target iPhones, iPads, and Macs.
News URL
Related news
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Patches Two Zero-Day Attack Vectors (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- Fraudsters imprisoned for scamming Apple out of 6,000 iPhones (source)
- Qualcomm patches high-severity zero-day exploited in attacks (source)
- Ivanti warns of three more CSA zero-days exploited in attacks (source)
- Mozilla fixes Firefox zero-day actively exploited in attacks (source)
- Firefox Zero-Day Under Attack: Update Your Browser Immediately (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- Fortinet warns of new critical FortiManager flaw used in zero-day attacks (source)