It is also the web browser engine used by Mail, App Store, and many other apps on macOS, iOS, and Linux.Īn integer overflow is a programming error that allows an attacker to manipulate a number the program uses in a way that might be harmful. WebKit is the browser engine that powers Safari on Macs as well as all browsers on iOS and iPadOS (browsers on iOS and iPadOS are obliged to use it). Apple is aware of a report that this issue may have been actively exploited. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.This vulnerability was also part of the so-called Operation Triangulation.ĬVE-2023-32439: a type confusion issue in the WebKit component. Processing web content may lead to arbitrary code execution. This vulnerability was part of the so-called Operation Triangulation.ĬVE-2023-32435: a memory corruption issue in the WebKit component for iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation). Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. Successful exploitation would enable the attacker to execute arbitrary code with kernel privileges. The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The three actively exploited CVEs are:ĬVE-2023-32434: a vulnerability in the Kernel due to an integer overflow. If a Safari update is available for your device, you can get it by updating or upgrading macOS, iOS, or iPadOS. The updates may already have reached you in your regular update routines, but it doesn't hurt to check if your device is at the latest update level. IPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)Īpple Watch Series 3, Series 4, Series 5, Series 6, Series 7, and SE IPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later Updates are available for these products: Apple has released security updates for several products to address a set of flaws that it says are being actively exploited.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |