Apple Releases Urgent Security Updates to Address Zero-Day Exploits Impacting iPhones, Macs, and iPads

by | Jul 11, 2023 | News

Apple Releases Urgent Security Updates Zero-Day Exploits iPhones, Macs, and iPads

Post Views: 391

Premium Content

Patreon
Subscribe to Patreon to watch this episode.
Reading Time: 3 Minutes

Apple has rolled out a series of Rapid Security Response (RSR) updates to address a newly discovered zero-day vulnerability that has been exploited in attacks targeting fully-patched iPhones, Macs, and iPads.

In iOS and macOS advisories, Apple acknowledges that the issue may have been actively exploited, urging all users to install the RSR patches as they contain critical security fixes. These RSR updates serve as compact security updates designed to address emerging security concerns on Apple devices, bridging the gap between major software updates.

List of emergency patches includes:

  • macOS Ventura 13.4.1 (a)
  • iOS 16.5.1 (a)
  • iPadOS 16.5.1 (a)
  • Safari 16.5.2

The vulnerability, identified as CVE-2023-37450, resides in Apple’s WebKit browser engine and allows attackers to execute arbitrary code on targeted devices by enticing victims to open web pages containing maliciously crafted content. Apple has implemented improved checks in the RSR updates to mitigate the risk of exploitation.

macOS 13.4.1 (a) RSR patchmacOS 13.4.1 (a) RSR patch (BleepingComputer)

See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses

10 Zero-days in 2023

It is worth noting that this marks the tenth zero-day vulnerability that Apple has addressed in 2023 alone, underscoring the persistent efforts of threat actors to exploit Apple devices. Earlier this month, Apple addressed three zero-day vulnerabilities exploited via iMessage zero-click attacks to deploy Triangulation spyware on iPhones.

In May, the company fixed three more zero-days, likely used to install mercenary spyware. Additionally, Apple patched two zero-days in April, which were part of exploit chains targeting high-risk targets, and addressed a WebKit zero-day in February.

Trending: The Rise and Fall of Sabu: From Hacker Hero to FBI Informant

Trending: Recon Tool: Logsensor

These ongoing security updates demonstrate Apple’s commitment to swiftly respond to emerging threats and safeguard the security and privacy of its users. Users are strongly encouraged to enable automatic updates or install Rapid Security Response patches promptly to ensure their devices remain protected against the latest vulnerabilities.

Trending: DDoSia Attack Tool Upgraded with Encryption, Concealed Targeting

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link

Merch

Recent News

EXPLORE OUR STORE

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This