Security News > 2024 > January > Apple fixes actively exploited WebKit zero-day (CVE-2024-23222)

Apple has fixed an actively exploited zero-day vulnerability that affects Macs, iPhones, iPads and AppleTVs.
CVE-2024-23222 is a type confusion issue that affects WebKit - Apple's browser engine used in the Safari web browser and all iOS and iPadOS web browsers.
"Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited," Apple noted in the software release notes.
iOS 17.3 and iPadOS 17.3 - For iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later.
iOS 16.7.5 and iPadOS 16.7.5 - For iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.
TvOS 17.3 - For Apple TV HD and Apple TV 4K. Apple has also finally backported patches for previously exploited zero-days to iOS 15.8.1 and iPadOS 15.8.1 for older iPhones and iPads.
News URL
https://www.helpnetsecurity.com/2024/01/23/cve-2024-23222/
Related news
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) (source)
- How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) (source)
- Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- Apple Patches Two Zero-Day Attack Vectors (source)
- Microsoft fixes exploited zero-day (CVE-2024-49138) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-23 | CVE-2024-23222 | Type Confusion vulnerability in Apple products A type confusion issue was addressed with improved checks. | 8.8 |