top of page
  • Kyle Chua

Apple Release Security Patch For Zero-Day Vulnerabilities on iPhone, iPad, Mac

Updated: Dec 18, 2023

If you're an Apple user, make sure your devices are updated as soon as possible.

Apple
Credit: Reuters

The Cupertino tech giant recently rolled out patches for security issues found within its WebKit web browser engine to protect users from vulnerabilities that could compromise their data.


The issues reportedly involve two zero-day vulnerabilities (CVE-2023-42916 and CVE-2023-42917) that can be exploited while processing web content to leak sensitive information and execute arbitrary codes. They affect iPhone, iPad and Mac, so if you're using any of these devices, install the update now. Your devices should be running iOS 17.1.2, iPadOS 17.1.2, macOS Sonoma 14.1.2 and Safari 17.1.2.


"Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1," said the iPhone maker in an advisory.


Security researcher Clément Lecigne of Google's Threat Analysis Group (TAG) uncovered and reported the two vulnerabilities.

Apple
Credit: Reuters

Apple, however, won't share details about the exact nature of the exploits found in the wild as it believes that would impact its customers' protection. "For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available," it said.


Counting these two new ones, Apple has resolved 20 zero-day vulnerabilities so far this year. It previously fixed another WebKit-related issue in February, involving a vulnerability that allowed hackers to insert code on your device and trigger OS crashes.


In case you're unfamiliar, WebKit is Apple's browser engine. It powers apps like Safari, Mail and the App Store.


While Apple tries to keep WebKit as secure as possible, the engine is prone to exploits due to it being a prime target for hackers. The company restricts third-party web browsers like Google Chrome and Microsoft Edge to use any other browser engine other than WebKit, making it attractive for those who want to infect iPhones, iPads and Mac devices.


That means there'll always be possibilities of other vulnerabilities being exploited in the future, so you should always be careful with the data on your devices.

 
  • Apple recently rolled out patches for security issues found within its WebKit web browser engine to protect users from vulnerabilities that could compromise their data.

  • The vulnerabilities affect iPhone, iPad and Mac, so if you're using any of these devices, install the update now.

  • Your devices should be running iOS 17.1.2, iPadOS 17.1.2, macOS Sonoma 14.1.2 and Safari 17.1.2.

As technology advances and has a greater impact on our lives than ever before, being informed is the only way to keep up.  Through our product reviews and news articles, we want to be able to aid our readers in doing so. All of our reviews are carefully written, offer unique insights and critiques, and provide trustworthy recommendations. Our news stories are sourced from trustworthy sources, fact-checked by our team, and presented with the help of AI to make them easier to comprehend for our readers. If you notice any errors in our product reviews or news stories, please email us at editorial@tech360.tv.  Your input will be important in ensuring that our articles are accurate for all of our readers.

bottom of page