Security News > 2023 > December > Apple slaps patch on WebKit holes in iPhones and Macs amid fears of active attacks
Apple has issued emergency fixes to plug security flaws in iPhones, iPads, and Macs that may already be under attack.
iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later.
"Apple is aware of a report that this issue may have been exploited," the Silicon Valley corp said about both bugs in the November 30 security update.
While we don't have details about who may have been poking code in Apple devices, and what evil deeds they were likely doing, both were found by Clément Lecigne of Google's Threat Analysis Group.
In May, Cupertino fixed three other WebKit flaws under exploit that had also been spotted by Lecigne and Amnesty International.
These types of bugs tend to be exploited in targeted attacks against politicians, journalists, academics, activists and others.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/12/01/iphones_macs_patch/
Related news
- Apple fixes two new iOS zero-days exploited in attacks on iPhones (source)
- Apple: Mercenary spyware attacks target iPhone users in 92 countries (source)
- Apple Alerts iPhone Users in 92 Countries to Mercenary Spyware Attacks (source)
- Apple's trademark tight lips extend to new iPhone, iPad zero-days (source)
- Exploit released for Fortinet RCE bug used in attacks, patch now (source)
- New GoFetch attack on Apple Silicon CPUs can steal crypto keys (source)
- Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks (source)
- Apple stops warning of 'state-sponsored' attacks, now alerts about 'mercenary spyware' (source)
- Exploit released for Palo Alto PAN-OS bug used in attacks, patch now (source)