Security News > 2024 > March > Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws
2024-03-06 05:54
Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild. The shortcomings are listed below - CVE-2024-23225 - A memory corruption issue in Kernel that an attacker with arbitrary kernel read and write capability can exploit to bypass kernel memory protections CVE-2024-23296 - A memory
News URL
https://thehackernews.com/2024/03/urgent-apple-issues-critical-updates.html
Related news
- Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks (source)
- Apple fixes two new iOS zero-days exploited in attacks on iPhones (source)
- Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296) (source)
- Apple's trademark tight lips extend to new iPhone, iPad zero-days (source)
- Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws (source)
- Oracle warns that macOS 14.4 update breaks Java on Apple CPUs (source)
- Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks (source)
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-05 | CVE-2024-23296 | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved validation. | 7.8 |
| 2024-03-05 | CVE-2024-23225 | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved validation. | 7.8 |