Security News > 2023 > September > Apple discloses 2 new zero-days exploited to attack iPhones, Macs

Apple discloses 2 new zero-days exploited to attack iPhones, Macs
2023-09-07 17:58

Apple released emergency security updates to fix two new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 13 exploited zero-days patched since the start of the year.

Since the start of the year, Apple has patched 13 zero-day bugs exploited in attacks against devices running iOS, macOS, iPadOS, and watchOS. While Apple has yet to disclose details regarding attacks exploiting the flaws patched today, it acknowledged that CVE-2023-41064 was found and reported by Citizen Labs, whose researchers have previously shared information on other Apple zero-days exploited to deploy commercial spyware on computers and iPhones in targeted attacks.

Apple releases emergency update to fix zero-day exploited in attacks.

Apple fixes new zero-day used in attacks against iPhones, Macs.

Apple opens 2024 applications to get 'security research' iPhones.

Apple re-releases zero-day patch after fixing browsing issue.


News URL

https://www.bleepingcomputer.com/news/apple/apple-discloses-2-new-zero-days-exploited-to-attack-iphones-macs/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-09-07 CVE-2023-41064 Classic Buffer Overflow vulnerability in Apple Ipados and Iphone OS
A buffer overflow issue was addressed with improved memory handling.
local
low complexity
apple CWE-120
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349