Apple Release Security Patch For Zero-Day Vulnerabilities on iPhone, iPad, Mac
Updated: Dec 18, 2023
If you're an Apple user, make sure your devices are updated as soon as possible.
The Cupertino tech giant recently rolled out patches for security issues found within its WebKit web browser engine to protect users from vulnerabilities that could compromise their data.
The issues reportedly involve two zero-day vulnerabilities (CVE-2023-42916 and CVE-2023-42917) that can be exploited while processing web content to leak sensitive information and execute arbitrary codes. They affect iPhone, iPad and Mac, so if you're using any of these devices, install the update now. Your devices should be running iOS 17.1.2, iPadOS 17.1.2, macOS Sonoma 14.1.2 and Safari 17.1.2.
"Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1," said the iPhone maker in an advisory.
Security researcher Clément Lecigne of Google's Threat Analysis Group (TAG) uncovered and reported the two vulnerabilities.
Apple, however, won't share details about the exact nature of the exploits found in the wild as it believes that would impact its customers' protection. "For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available," it said.
Counting these two new ones, Apple has resolved 20 zero-day vulnerabilities so far this year. It previously fixed another WebKit-related issue in February, involving a vulnerability that allowed hackers to insert code on your device and trigger OS crashes.
In case you're unfamiliar, WebKit is Apple's browser engine. It powers apps like Safari, Mail and the App Store.
While Apple tries to keep WebKit as secure as possible, the engine is prone to exploits due to it being a prime target for hackers. The company restricts third-party web browsers like Google Chrome and Microsoft Edge to use any other browser engine other than WebKit, making it attractive for those who want to infect iPhones, iPads and Mac devices.
That means there'll always be possibilities of other vulnerabilities being exploited in the future, so you should always be careful with the data on your devices.
Apple recently rolled out patches for security issues found within its WebKit web browser engine to protect users from vulnerabilities that could compromise their data.
The vulnerabilities affect iPhone, iPad and Mac, so if you're using any of these devices, install the update now.
Your devices should be running iOS 17.1.2, iPadOS 17.1.2, macOS Sonoma 14.1.2 and Safari 17.1.2.