Until the end of 2023 Manzana The Cupertino company has published an emergency update to fix two zero-day vulnerabilities in iPhone, iPad and Mac. Security fixes for iOS and iPadOS, macOS and Safari that prevent attackers from gaining access to your information.
Vulnerabilities CVE-2023-42916 And CVE-2023-42917 were discovered by Clément Lecine, a security researcher at Google’s Threat Intelligence Group (TAG). Both are located in the WebKit browser engine and make it easier to access sensitive information when browsing an infected website. An attacker exploits a memory corruption bug to execute arbitrary code.
“Processing web content may reveal sensitive information. “Apple is aware of a report indicating that this issue may have been present in iOS versions prior to iOS 16.7.1,” Cupertino mentions on its website. Updates solve reading error with improved input validation and implement a glitch to fix the memory corruption bug.
The iOS 17.1.2 update is available for iPhone 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (6th generation and later), and iPad Mini 5th generation and later.
If you are a user of any of these devices, Update it immediately to protect your computer from these two vulnerabilities.. To get it, log into the application Settings on your iPhone or iPad and go to General. Once inside, tap the section Software updatewait for the notification, download and install the new version.
Apple patches more vulnerabilities in iPhone, iPad and macOS
updates for iOS and iPadOS They come just weeks after Apple released two major patches to address zero-day vulnerabilities.
On October 4, the tech company’s security team fixed a bug in the XNU kernel that caused allowed an attacker to escalate privileges on iPhone and iPad. To address this issue, iOS 17.0.3 and iPadOS 17.0.3 added improved controls and updated libvpx 1.13.1 to prevent code execution via a buffer overflow.
Previously, Google TAG and Citizen Lab reported others errors who took advantage exploit in iMessage to run Pegasus, NSO Group’s spy software. Following the discovery, the University of Toronto laboratory alerted Apple and helped it investigate. The technology company has come up with relevant updates to secure people’s devices.
So far in 2023, Apple has patched over 20 zero-day vulnerabilities, some of which wereguilty of spying on journalists and human rights activists.
Source: Hiper Textual
I’m Ben Stock, a highly experienced and passionate journalist with a career in the news industry spanning more than 10 years. I specialize in writing content for websites, including researching and interviewing sources to produce engaging articles. My current role is as an author at Gadget Onus, where I mainly cover the mobile section.