Security News > 2023 > April > CISA orders govt agencies to update iPhones, Macs by May 1st
The Cybersecurity and Infrastructure Security Agency ordered federal agencies to patch two security vulnerabilities actively exploited in the wild to hack iPhones, Macs, and iPads.
According to a binding operational directive issued in November 2022, Federal Civilian Executive Branch Agencies agencies are required to patch their systems against all security bugs added to CISA's Known Exploited Vulnerabilities catalog.
FCEB agencies now have to secure iOS, iPadOS, and macOS devices until May 1st, 2023, against two flaws addressed by Apple on Friday and added to CISA's list of bugs exploited in attacks on Monday.
iPhone 8 and later, iPad Pro, iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later, and Macs running macOS Ventura.
Even though the vulnerabilities that have been added by CISA to its KEV catalog today were likely only exploited in highly targeted attacks, it is advised to patch them as soon as possible to prevent potential attacks.
Two months ago, Apple addressed another WebKit zero-day vulnerability that was exploited to trigger OS crashes and gain code execution on vulnerable iPhones, iPads, and Macs.