Security News > 2023 > September > Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones

Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones
2023-09-22 10:05

Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities exploited "Against versions of iOS before iOS 16.7.".

Earlier this month, Apple closed two zero-day vulnerabilities that have been chained together by attackers to deliver NSO Group's Pegasus spyware.

A few days later, Google pushed out a security update for a Chrome zero-day vulnerability exploited in the wild.

The vulnerability is in the WebP image library, and has been reported by Apple Security Engineering and Architecture and The Citizen Lab.

Apple has released iOS 17 this week, and with it some updates to Lockdown Mode, which offers specialized protection to users at risk of highly targeted cyberattacks.

Lockdown Mode now also works on Apple Watch, removes the geolocation data from photos by default, and prevents devices from joining insecure Wi-Fi networks and 2G cellular networks.


News URL

https://www.helpnetsecurity.com/2023/09/22/cve-2023-41992-cve-2023-41991-cve-2023-41993/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349