June 7, 2023

Apple has released patches for three new zero-day vulnerabilities that are actively exploited in attacks in the wild affecring iPhones, Macs, and iPads.

The three vulnerabilities, tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373, reside in the WebKit browser engine. Below are the details of the three issues:

  • CVE-2023-32409 – A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited. Though Apple did not provide details about the attacks, and the three issues were likely exploited in attacks conducted by nation-state actors or by surveillance firms.
  • CVE-2023-28204 – Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.
  • CVE-2023-32373 – Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Advertisements

Apple is aware of a report that this issue may have been actively exploited and released iOS and iPadOS 16.5, tvOS 16.5, watchOS 9.5, Safari 16.5, and macOS Ventura 13.4 to address the issues.

Tags:

Leave a Reply

You may have missed

Microsoft to comply with LinkedIn GDPR Violation

Microsoft to comply with LinkedIn GDPR Violation

June 7, 2023
Google Fixes Third Chrome Zeroday

Google Fixes Third Chrome Zeroday

June 6, 2023
Moveit Attributed to Lace Tempest

Moveit Attributed to Lace Tempest

June 6, 2023
Byte Code Bites PYPI

Byte Code Bites PYPI

June 5, 2023
Enzo Biochem Suffers a Data Breach

Enzo Biochem Suffers a Data Breach

June 5, 2023
BlackSuit Ransomware Dissection

BlackSuit Ransomware Dissection

June 4, 2023
%d bloggers like this: