Security News > 2023 > June > June 2023 Patch Tuesday forecast: Don’t forget about Apple
On the positive side, Apple hosted its annual Worldwide Developers Conference this week with announcements around the new Vision Pro 'spatial computer' powered by the new visionOS, iOS 17 updates, the upcoming Sonoma OS release, new M2 hardware, and much more.
On the negative side, in mid-May Apple released zero-day updates to address three critical vulnerabilities.
They are known to be exploited, so ensure you include these updates in your monthly process if you have Apple equipment.
Apple is not alone in the zero-day release category - Google also released update 114.0.5735.110 for Windows and 114.0.5735.106 for macOS and Linux to address CVE-2023-3079.
June 2023 Patch Tuesday forecast After a major lull in CVEs addressed last month, expect Microsoft to be back on track with their annual averages for both this operating systems and Office application updates next week.
Apple provided a major set of updates on May 18th. Please deploy them as soon as possible due to the known zero-day vulnerabilities.
News URL
https://www.helpnetsecurity.com/2023/06/09/june-2023-patch-tuesday-forecast/
Related news
- April 2024 Patch Tuesday forecast: New and old from Microsoft (source)
- Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs (source)
- May 2024 Patch Tuesday forecast: A reminder of recent threats and impact (source)
- Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast (source)
- Apple backports iOS zero-day patch, adds Bluetooth tracker alert (source)
- Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws (source)
- May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-05 | CVE-2023-3079 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |