Security News > 2023 > December > Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
2023-12-01 04:25
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described below - CVE-2023-42916 - An out-of-bounds read issue that could be exploited to
News URL
https://thehackernews.com/2023/12/zero-day-alert-apple-rolls-out-ios.html
Related news
- Apple fixes two new iOS zero-days exploited in attacks on iPhones (source)
- Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296) (source)
- Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws (source)
- Apple's trademark tight lips extend to new iPhone, iPad zero-days (source)
- Oracle warns that macOS 14.4 update breaks Java on Apple CPUs (source)
- Apple's 'incredibly private' Safari is not so private in Europe (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-42916 | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 6.5 |