Apple Releases Emergency Update to Fix Zero-Day Flaw in WebKit
Apple has published Rapid Security Response upgrades for iOS, iPadOS, macOS, and the Safari web browser, inorder to fix a zero-day vulnerability that it said has been actively exploited in the wild.
When parsing carefully generated online content, the WebKit problem, identified as CVE-2023-37450, could enable threat actors to execute arbitrary code. The iPhone manufacturer claimed that has improved checks to address the issue.
The problem was found and reported by an unidentified researcher. As is typical in situations like this, little is known about the type, scope, and threat actor who was responsible for the attacks.
Apple, on the other hand, stated in a brief advisory that it is “aware of a report that this issue may have been actively exploited.”
Our Readers ALSO READ
JumpCloud Responds to Ongoing Cybersecurity Incident by Resetting API Keys
For devices running the following operating system versions, the upgrades, iOS 16.5.1 (a), iPadOS 16.5.1 (a), macOS Ventura 13.4.1 (a), and Safari 16.5.2, are available:
Since the beginning of 2023, Apple has fixed 10 zero-day vulnerabilities in its software. It also comes weeks after the corporation released updates to cure three zero-days, of which two were used as weapons by unnamed individuals in Operation Triangulation, an espionage operation.
Apple has pulled the software update after reports emerged that installing the patches caused certain websites like Facebook, Instagram, and Zoom to throw an “Unsupported Browser” error on Safari.
Like this article? follow our LinkedIn and Facebook handles for more exclusive content like this.
