Apple released security updates to address a zero-day vulnerability, tracked as CVE-2024-23222, that impacts iPhones, Macs, and Apple TVs. This is the first actively exploited zero-day vulnerability fixed by the company this year.
Vulnerability is a type of confusion issue that resides in WebKit. An attacker can exploit this issue by tricking the victims into visiting maliciously crafted web content to achieve arbitrary code execution.
Advertisements
As per the advisory, processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.
The updates are available for the following devices and operating systems –
- iOS 17.3 and iPadOS 17.3 – iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
- iOS 16.7.5 and iPadOS 16.7.5 – iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation
- macOS Sonoma 14.3 – Macs running macOS Sonoma
- macOS Ventura 13.6.4 – Macs running macOS Ventura
- macOS Monterey 12.7.3 – Macs running macOS Monterey
- tvOS 17.3 – Apple TV HD and Apple TV 4K (all models)
- Safari 17.3 – Macs running macOS Monterey and macOS Ventura
