Security News > 2023 > June > June 2023 Patch Tuesday forecast: Don’t forget about Apple
On the positive side, Apple hosted its annual Worldwide Developers Conference this week with announcements around the new Vision Pro 'spatial computer' powered by the new visionOS, iOS 17 updates, the upcoming Sonoma OS release, new M2 hardware, and much more.
On the negative side, in mid-May Apple released zero-day updates to address three critical vulnerabilities.
They are known to be exploited, so ensure you include these updates in your monthly process if you have Apple equipment.
Apple is not alone in the zero-day release category - Google also released update 114.0.5735.110 for Windows and 114.0.5735.106 for macOS and Linux to address CVE-2023-3079.
June 2023 Patch Tuesday forecast After a major lull in CVEs addressed last month, expect Microsoft to be back on track with their annual averages for both this operating systems and Office application updates next week.
Apple provided a major set of updates on May 18th. Please deploy them as soon as possible due to the known zero-day vulnerabilities.
News URL
https://www.helpnetsecurity.com/2023/06/09/june-2023-patch-tuesday-forecast/
Related news
- October 2024 Patch Tuesday forecast: Recall can be recalled (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft cleans up hot mess of Patch Tuesday preview (source)
- Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem (source)
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-05 | CVE-2023-3079 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |