Security News > 2023 > April > Apple fixes recently disclosed zero-days on older iPhones and iPads

Apple fixes recently disclosed zero-days on older iPhones and iPads
2023-04-10 20:16

Apple has released emergency updates to backport security patches released on Friday, addressing two actively exploited zero-day flaws also affecting older iPhones, iPads, and Macs.

The second zero-day is a WebKit use after free that can let threat actors execute malicious code on compromised iPhones, Macs, or iPads after tricking their targets into loading malicious web pages.

Today, Apple addressed the zero-days in iOS 15.7.5 and iPadOS 15.7.5, macOS Monterey 12.6.5, and macOS Big Sur 11.7.6 by improving input validation and memory management.

iPhone 6s, iPhone 7, iPhone SE, iPad Air 2, iPad mini, iPod touch, and Macs running macOS Monterey and Big Sur.

CISA also ordered federal agencies to patch their devices against these two security vulnerabilities, known as being actively exploited in the wild to hack iPhones, Macs, and iPads.

In mid-February, Apple patched another WebKit zero-day that was in attacks to trigger crashes and gain code execution on vulnerable iOS, iPadOS, and macOS devices.


News URL

https://www.bleepingcomputer.com/news/apple/apple-fixes-recently-disclosed-zero-days-on-older-iphones-and-ipads/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349