Last week, Apple released iOS 17.3, iPadOS 17.3, macOS 14.3, tvOS 17.3, and Safari 17.3 to fix a serious WebKit zero-day vulnerability that could have been exploited in the wild. Ahead of Apple Vision Pro’s launch on Friday, visionOS is getting the same patch.
According to Apple’s security update page, visionOS 1.0.2 contains only one security patch. It’s unclear exactly what the update contains, but it likely includes the same bug fixes and performance improvements as update 1.0.1 that arrived last week. Here’s how Apple describes the fix:
Webkit (CVE-2024-23222)
- Available for: Apple Vision Pro
- Impact: Processing maliciously crafted web content can lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.
- Description: A type confusion issue has been resolved with improved controls.
- With WebKit Bugz: 267134
Vision Pro includes a similar Safari version as the iPad, so it will likely receive the same WebKit security updates in the future. Apple hasn’t released a beta version of visionOS 1.1 yet, but it will likely arrive next week once people have devices to test it on.
Apple Vision Pro hits stores Friday, February 2. Apple is estimated to have sold 200,000 of the $3,499 devices during the two-week pre-order period and will likely treat the launch with great fanfare in its stores. There is currently a countdown on its website that ends at 8 a.m. ET. You can find out more in our complete Vision Pro guide.
