Security News > 2023 > December > Apple slaps patch on WebKit holes in iPhones and Macs amid fears of active attacks
Apple has issued emergency fixes to plug security flaws in iPhones, iPads, and Macs that may already be under attack.
iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later.
"Apple is aware of a report that this issue may have been exploited," the Silicon Valley corp said about both bugs in the November 30 security update.
While we don't have details about who may have been poking code in Apple devices, and what evil deeds they were likely doing, both were found by Clément Lecigne of Google's Threat Analysis Group.
In May, Cupertino fixed three other WebKit flaws under exploit that had also been spotted by Lecigne and Amnesty International.
These types of bugs tend to be exploited in targeted attacks against politicians, journalists, academics, activists and others.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/12/01/iphones_macs_patch/
Related news
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Apple backports zero-day patches to older iPhones and Macs (source)
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Old Fortinet flaws under attack with new method its patch didn't prevent (source)
- Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)