Apple Releases Emergency Update to Fix Zero-Day Flaw in WebKit
When parsing carefully generated online content, the WebKit problem, identified as CVE-2023-37450, could enable threat actors to execute arbitrary code. The iPhone manufacturer claimed that has improved checks to address the issue.
The problem was found and reported by an unidentified researcher. As is typical in situations like this, little is known about the type, scope, and threat actor who was responsible for the attacks.
Apple, on the other hand, stated in a brief advisory that it is “aware of a report that this issue may have been actively exploited.”
Our Readers ALSO READJumpCloud Responds to Ongoing Cybersecurity Incident by Resetting API Keys
For devices running the following operating system versions, the upgrades, iOS 16.5.1 (a), iPadOS 16.5.1 (a), macOS Ventura 13.4.1 (a), and Safari 16.5.2, are available:
Since the beginning of 2023, Apple has fixed 10 zero-day vulnerabilities in its software. It also comes weeks after the corporation released updates to cure three zero-days, of which two were used as weapons by unnamed individuals in Operation Triangulation, an espionage operation.