Security News > 2023 > December > Apple slaps patch on WebKit holes in iPhones and Macs amid fears of active attacks

Apple has issued emergency fixes to plug security flaws in iPhones, iPads, and Macs that may already be under attack.
iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later.
"Apple is aware of a report that this issue may have been exploited," the Silicon Valley corp said about both bugs in the November 30 security update.
While we don't have details about who may have been poking code in Apple devices, and what evil deeds they were likely doing, both were found by Clément Lecigne of Google's Threat Analysis Group.
In May, Cupertino fixed three other WebKit flaws under exploit that had also been spotted by Lecigne and Amnesty International.
These types of bugs tend to be exploited in targeted attacks against politicians, journalists, academics, activists and others.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/12/01/iphones_macs_patch/
Related news
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- First Apple-notarized porn app available to iPhone users in Europe (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple warns 'extremely sophisticated attack' may be targeting iThings (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
- New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)