Security News > 2023 > January > Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability
2023-01-24 09:21

Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation.

While it was originally addressed by the company on November 30, 2022, as part of iOS 16.1.2 update, the patch was expanded to a broader set of Apple devices with iOS 15.7.2, iPadOS 15.7.2, macOS Ventura 13.1, tvOS 16.2, and Safari 16.2.

"Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1," the iPhone maker said in an advisory published Monday.

The update comes as Apple released iOS 16.3, iPadOS 16.3, macOS Ventura 13.2, watchOS 9.3, and Safari 16.3 to remediate a long list of security flaws, including two bugs in WebKit that could lead to code execution.

MacOS Ventura 13.2 also plugs two denial-of-service vulnerabilities in ImageIO and Safari, alongside three flaws in the Kernel that could be abused to leak sensitive information , determine its memory layout, and execute rogue code with elevated privileges.

The updates also bring with them the ability to use hardware security keys to lock down Apple IDs for phishing-resistant two-factor authentication.


News URL

https://thehackernews.com/2023/01/apple-issues-updates-for-older-devices.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349