Security News > 2023 > June > Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari
Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild.
The iPhone maker said it's aware that the two issues "May have been actively exploited against versions of iOS released before iOS 15.7," crediting Kaspersky researchers Georgy Kucherin, Leonid Bezvershenko, and Boris Larin for reporting them.
The advisory comes as the Russian cybersecurity vendor dissected the spyware implant used in the zero-click attack campaign targeting iOS devices via iMessages carrying an attachment embedded with an exploit for a remote code execution vulnerability.
The actively exploited flaw, described as a type confusion issue, has been addressed with improved checks.
iOS 16.5.1 and iPadOS 16.5.1 - iPhone 8 and later, iPad Pro, iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
iOS 15.7.7 and iPadOS 15.7.7 - iPhone 6s, iPhone 7, iPhone SE, iPad Air 2, iPad mini, and iPod touch macOS Ventura 13.4.1, macOS Monterey 12.6.7, and macOS Big Sur 11.7.8 watchOS 9.5.2 - Apple Watch Series 4 and later.
News URL
https://thehackernews.com/2023/06/zero-day-alert-apple-releases-patches.html
Related news
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- Apple Patches Two Zero-Day Attack Vectors (source)