Security News > 2024 > November > Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
2024-11-20 04:37
Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The flaws are listed below - CVE-2024-44308 - A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web content CVE-2024-44309 - A cookie management vulnerability in
News URL
https://thehackernews.com/2024/11/apple-releases-urgent-updates-to-patch.html
Related news
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Apple backports zero-day patches to older iPhones and Macs (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- Emergency patch for potential SAP zero-day that could grant full system control (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-20 | CVE-2024-44309 | Cross-site Scripting vulnerability in Apple products A cookie management issue was addressed with improved state management. | 6.1 |
| 2024-11-20 | CVE-2024-44308 | Unspecified vulnerability in Apple products The issue was addressed with improved checks. | 8.8 |