Security News > 2022 > December > New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products

New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products
2022-12-14 03:44

Apple on Tuesday rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could result in the execution of malicious code.

The company said it's "Aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.".

It's worth noting that every third-party web browser that's available for iOS and iPadOS, including Google Chrome, Mozilla Firefox, and Microsoft Edge, and others, is required to use the WebKit rendering engine due to restrictions imposed by Apple.

The update, which is available with iOS 15.7.2, iPadOS 15.7.2, macOS Ventura 13.1, tvOS 16.2, and Safari 16.2, arrives two weeks after Apple patched the same bug in iOS 16.1.2 on November 30, 2022.

The fix marks the resolution of the tenth zero-day vulnerability discovered in Apple software since the start of the year.

The latest iOS, iPadOS, and macOS updates also introduce a new security feature called Advanced Data Protection for iCloud that expands end-to-end encryption to ‌iCloud‌ Backup, Notes, Photos, and more.


News URL

https://thehackernews.com/2022/12/new-actively-exploited-zero-day.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349