Apple emergency updates fix 3 new zero-days exploited in attacks

Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,236
Content source
https://www.bleepingcomputer.com/news/apple/apple-emergency-updates-fix-3-new-zero-days-exploited-in-attacks/
Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days fixed this year.

Two bugs were found in the WebKit browser engine (CVE-2023-41993) and the Security framework (CVE-2023-41991), enabling attackers to bypass signature validation using malicious apps or gain arbitrary code execution via maliciously crafted webpages.

The third one was found in the Kernel Framework, which provides APIs and support for kernel extensions and kernel-resident device drivers. Local attackers can exploit this flaw (CVE-2023-41992) to escalate privileges.

Apple fixed the three zero-day bugs in macOS 12.7/13.6, iOS 16.7/17.0.1, iPadOS 16.7/17.0.1, and watchOS 9.6.3/10.0.1 by addressing a certificate validation issue and through improved checks.
Click to expand...
www.bleepingcomputer.com

Apple emergency updates fix 3 new zero-days exploited in attacks

Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • Applause
  • Thanks
Reactions: Nevi, CyberTech, simmerskool and 10 others
You must log in or register to reply here.

Similar threads

vtqhtr413
    • +Reputation
    • Like
Security News Apple fixes two new iOS zero-days exploited in attacks on iPhones
Replies
0
Views
1,317
Security News
vtqhtr413
vtqhtr413
[correlate]
    • Like
    • +Reputation
September Android updates fix zero-day exploited in attacks
Replies
0
Views
1,330
News Archive
[correlate]
[correlate]
Gandalf_The_Grey
    • Like
    • +Reputation
    • Applause
New Update Google fixed two actively exploited Android zero-day flaws as part of its November security updates
Replies
0
Views
91
Android & WearOS
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top