Security News > 2023 > March > Apple Issues Urgent Security Update for Older iOS and iPadOS Models

Apple Issues Urgent Security Update for Older iOS and iPadOS Models
2023-03-28 03:41

Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models.

The issue, tracked as CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution.

It was originally addressed by the tech giant with improved checks as part of updates released on February 13, 2023.

"Processing maliciously crafted web content may lead to arbitrary code execution," Apple said in a new advisory, adding it's "Aware of a report that this issue may have been actively exploited."

The update is available in versions iOS 15.7.4 and iPadOS 15.7.4 for iPhone 6s, iPhone 7, iPhone SE, iPad Air 2, iPad mini, and iPod touch.

The disclosure comes as Apple rolled out iOS 16.4, iPadOS 16.4, macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5, tvOS 16.4, and watchOS 9.4 with numerous bug fixes.


News URL

https://thehackernews.com/2023/03/apple-issues-urgent-security-update-for.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-02-27 CVE-2023-23529 Type Confusion vulnerability in Apple products
A type confusion issue was addressed with improved checks.
network
low complexity
apple CWE-843
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349