Apple this week announced fresh security updates for macOS and iOS, including patches that address an exploited vulnerability in older iPhone models.
The issue, tracked as CVE-2023-23529, was initially addressed as a zero-day in mid-February, with the release of iOS and iPadOS 16.3.1 and macOS Ventura 13.2.1. Apple credited an anonymous researcher for reporting the bug.
Impacting WebKit, the flaw can lead to arbitrary code execution during the processing of maliciously crafted web content and was addressed with improved checks.
“Apple is aware of a report that this issue may have been actively exploited,” the Cupertino-based tech giant notes in its advisory.
Patches for this vulnerability are included in iOS 15.7.4 and iPadOS 15.7.4, which are now rolling out to all iPhone 6s and iPhone 7 models, first-generation iPhone SE, iPad Air 2, fourth-gen iPad mini, and seventh-gen iPod touch.
The security update contains fixes for a total of 16 vulnerabilities that could lead to information leaks, memory write, arbitrary code execution, VPN server spoofing, and to the use of sensitive user data to perform certain actions.
This week, Apple also released security updates for the latest-generation iPhone and iPad models, to address a total of 33 vulnerabilities. Rolling out as iOS 16.4 and iPadOS 16.4, the platform updates also bring several user-experience enhancements.
Nearly 60 vulnerabilities were addressed with the release of macOS Ventura 13.3 this week. macOS Monterey 12.6.4 and Big Sur 11.7.5 were released with patches for over 25 vulnerabilities each.
The tech giant also patched two vulnerabilities with the release of Safari 16.4, which is now available for macOS Big Sur and macOS Monterey users.
Security updates are also available for tvOS and watchOS, as well as for Studio Display firmware for macOS Ventura. Further information on the addressed vulnerabilities can be found on Apple’s support website.
Related: Apple Updates Advisories as Security Firm Discloses New Class of Vulnerabilities
Related: Apple Patches Exploited iOS Vulnerability in Old iPhones
Related: Apple Patches WebKit Code Execution in iPhones, MacBooks
More from Ionut Arghire
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- Apria Healthcare Notifying 2 Million People of Years-Old Data Breaches
- European Cybersecurity Firm Sekoia.io Raises $37.5 Million
- GitLab Security Update Patches Critical Vulnerability
- Android App With 50,000 Downloads in Google Play Turned Into Spyware via Update
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
