Endpoint Security

Apple Ships Major iOS, macOS Security Updates

Apple patches dozens of serious security flaws in its macOS and iOS platforms, warning that hackers could launch code execution exploits.

Published

Apple patches vulnerabilities

Device maker Apple on Wednesday rolled out major security updates for its flagship macOS and iOS platforms, warning that multiple security defects expose users to remote hacker attacks.

The company released multiple bulletins to document at least 21 iOS security vulnerabilities and 44 macOS flaws that could lead to code execution, privilege escalation and exposure of sensitive data.

None of these vulnerabilities are marked as exploited in the wild.

Separately, Apple shipped a patch for an older version of the mobile OS to cover an already-exploited vulnerability reported by Russian anti-malware vendor Kaspersky.

The new iOS 17.1 covers security problems in a wide range of components, including Contacts, CoreAnimation, kernel, ImageIO and IOTextEncryptionFamily. The iOS patch also fixes major security issues in WebKit, the web browser rendering engine used in Apple’s products.   

The macOS update provides cover for code execution flaws in AppSupport, kernel, Model I/O, Vim and Webkit.

The Cupertino company also released security fixes for flaws in WatchOS, tvOS and Safari.


Related: Stealth Techniques Used in ‘Operation Triangulation’ iOS Attack

Advertisement. Scroll to continue reading.

Related: Apple Patches Kernel Flaw Exploited in ‘Operation Triangulation’

Related: Apple Patches ‘Actively Exploited’ iOS Security Flaw

In this article:, , ,

Related Content

Apple patches vulnerabilities

Vulnerabilities

Apple Patches Code Execution Vulnerability in iOS, macOS

Apple has released iOS 17.4.1 and macOS Sonoma 14.4.1 with patches for an arbitrary code execution vulnerability.

March 26, 2024

Data Protection

New ‘GoFetch’ Apple CPU Attack Exposes Crypto Keys 

Researchers detail GoFetch, a new side-channel attack impacting Apple CPUs that could allow an attacker to obtain secret keys.

March 22, 2024

Threat Intelligence

Threat Detection Report: Cloud Attacks Soar, Mac Threats and Malvertising Escalate

Red Canary’s 2024 Threat Detection Report is based on analysis of almost 60,000 threats across 216 petabytes of telemetry from over 1,000 customers’ endpoints.

March 15, 2024

Mobile & Wireless

Apple is Making Big App Store Changes in Europe Over New Rules. Could it Mean More iPhone Hacking?

Apple is opening small cracks in the iPhone’s digital fortress as part of a regulatory clampdown in Europe— at the risk of creating new...

March 7, 2024

Vulnerabilities

Apple Shortcuts Vulnerability Exposes Sensitive Information

High-severity vulnerability in Apple Shortcuts could lead to sensitive information leak without user’s knowledge.

February 23, 2024

Data Protection

Apple Adds Post-Quantum Encryption to iMessage

Apple unveils PQ3, a new post-quantum cryptographic protocol for iMessage designed to protect communications against quantum computing attacks.

February 21, 2024

Malware & Threats

Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation

Apple pushes out fresh versions of its iOS and macOS platforms to fix WebKit vulnerabilities being exploited as zero-day in the wild.

January 22, 2024

Vulnerabilities

Apple Patches Keystroke Injection Vulnerability in Magic Keyboard

Apple’s latest Magic Keyboard firmware addresses a recently disclosed Bluetooth keyboard injection vulnerability.

January 12, 2024

Copyright © 2024 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version