- May 4, 2019
Tracked as CVE-2023-23529, the issue relates to a type confusion bug in the WebKit browser engine that could be activated when processing maliciously crafted web content, culminating in arbitrary code execution.
The iPhone maker said the bug was addressed with improved checks, adding it's "aware of a report that this issue may have been actively exploited." An anonymous researcher has been credited with reporting the flaw.
Apple has released urgent security updates to address a new zero-day vulnerability discovered in WebKit, which attackers are exploiting in the wild.