On Monday, Apple released the latest round of updates for iOS and iPadOS (17.3), macOS (14.3), watchOS (10.3), and tvOS (17.3), which include a few new features, a handful of bug fixes, and nice features. important security fixes. Among them is a fix for a vulnerability that may have been exploited in the wild. In other words, you should rush to install the update and patch it.
Zero day is the first that Apple has patched this year. This applies to the following models: iPhone 6th generation and later, and iPad mini 5th generation and later, as well as Macs running Sonoma, Ventura, and Monterey, and all Apple TV models. It was discovered as part of the WebKit Bugzilla program.
Apple also released a separate Safari update for macOS Ventura and Monterey that includes the fix, among other fixes:
WebKit (CVE-2024-23222)
- Impact: Processing maliciously crafted web content can lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.
- Description: A type confusion issue has been resolved with improved controls.
- With WebKit Bugz: 267134
The updates also include a dozen other fixes for Apple Neural Engine, Kernel, Safari, Finder, and Shortcuts, as well as several other system features, including a strange time zone fix:
Time zone
- Impact: An application may be able to display a user’s phone number in system logs
- Description: This issue was addressed by improved redaction of sensitive information.
- CVE-2024-23210: Noah Roskin-Frazee and Professor J. (ZeroClicks.ai Lab)
Additionally, Apple released iOS 16.7.5 and iOS 15.8.1 to fix two WebKit zero-day flaws that were already fixed in iOS 17.1.2 last year.