Apple has released an emergency security patch to fix a critical vulnerability that has been targeting all iOS devices, including iPhones, Macbooks, and Tablets.
Apple has released urgent security patches for a newly detected zero-day vulnerability that can be exploited to hack vulnerable iOS devices, including Macs, iPhones, and iPads.
The vulnerability (tracked as CVE-2023-23529) was found in the WebKit framework of the browser. So, if maliciously designed web content is processed, it would allow arbitrary code execution after an unsuspecting user visits a compromised URL.
“Apple is aware of a report that this issue may have been actively exploited,” the company noted. This explains why the iPhone maker released patches urgently for its flagship devices.
Still, the impact is extensive, as from the iPhone 8 to all subsequent iPhone models will be impacted, as well as every model of iPad Pro, the iPad Air 3rd generation and above, iPad 5th generation and above, and iPad mini 5th generation.
Which Devices are Impacted?
An unidentified researcher discovered the flaw, which has been patched with the latest edition of security updates. Apple didn’t specify how this vulnerability could be exploited.
In fact, it is the first time a zero-day has been defined as a newly discovered security flaw. It is a WebKit confusion issue. Moreover, all Macs running Ventura will be impacted. Fixes for all these versions were released in the security update.
Security Update Details
The small point update released by Apple on Monday contains WebKit security patches for iOS 16.3.1, iPadOS 16.3.1, and macOS 11.2.1 to fix a zero-day bug. The updates are available for iOS 16, iPadOS 16, macOS Ventura, and the latest edition of Apple Safari, as well as the preceding versions of Big Sur and macOS Monterey.
In addition, Apple released patches for tvOS 16.3.2 and watchOS 9.3.1. The company has yet to release the CVE entries, though. It is also unclear if a fix will be released for iOS 15 devices. If you haven’t updated your device, please do so immediately to stay safe.
- Microsoft fixes 6 Active 0-Day Windows Flaws
- Israeli Spyware Vendor Exploiting Chrome 0day
- Apple Debuts Lockdown Mode to Prevent Spying
- Apple Bug bounty: Hack Apple and earn big bucks