Apple released emergency security updates on Monday evening that patch a particularly dangerous vulnerability (“Dubbed Zero Day”). Bleeping Computer reports that the vulnerability is already being used in attacks to hack iPhones, iPads and Macs.
A successful exploit allows attackers to “execute arbitrary code on Apple devices running vulnerable versions of iOS, iPadOS and macOS” after users access a malicious website.
iPhone 8 and newer
The full list of compromised devices is quite extensive, as the vulnerability discovered and reported by third parties also affects older devices:
- iPhone 8 and newer
- iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad Mini 5th generation and later
- Macs with macOS Ventura.
The bug also affects Safari 16.3.1 on macOS Big Sur and Monterey, Bleeping Computer writes.
While this zero-day vulnerability has probably only been used in targeted attacks so far, all Apple users should install appropriate emergency updates as soon as possible.
The updates also fix another system vulnerability (CVE-2023-23514) discovered by Google’s Project Zero security experts.
Sources
- bloodcomputer.com: Apple fixes new WebKit zero-day abused to hack iPhones, Macs
- support.apple.com: About the security content of iOS 16.3.1 and iPadOS 16.3.1
- support.apple.com: About the security content of macOS Ventura 13.2.1
(dsc)
Source: Watson
I’m Ella Sammie, author specializing in the Technology sector. I have been writing for 24 Instatnt News since 2020, and am passionate about staying up to date with the latest developments in this ever-changing industry.
