Update your iPhones, iPads, and Macs today, because there are fixes for active exploits inside

本文共有3238个字。 # / a

Apple issues new security patches

 

 

AppleInsider may earn an affiliate commission on purchases made through links on our site.

The new iOS, iPadOS and macOS Ventura patches from Friday fix two security issues, one of which appears to have been exploited.

The company issued updates for iOS 16.4.1 and macOS Ventura 13.3.1 on Friday. They fixed the Apple Watch auto-unlock feature on Mac and an issue with Siri responsiveness.

Next, as is typical with new Apple releases, the company also updated its webpage for security updates. The two releases contain the same security patches, as discovered by Clement Lecigne of Google's Threat Analysis Group and Donncha O Cearbhaill of Amnesty International's Security Lab.

Patches for iOS & macOS

Users can update their operating systems by going to Settings > General > Software Update on their iPhones and Macs.

IOSurfaceAccelerator

  • Available for: macOS Ventura, iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
  • Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
  • Description: An out-of-bounds write issue was addressed with improved input validation.
  • CVE-2023-28206: Clement Lecigne of Google's Threat Analysis Group and Donncha O Cearbhaill of Amnesty International's Security Lab.

WebKit

  • Available for: macOS Ventura, iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
  • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
  • Description: A use after free issue was addressed with improved memory management.
  • CVE-2023-28205: Clement Lecigne of Google's Threat Analysis Group and Donncha O Cearbhaill of Amnesty International's Security Lab.
版权声明:本文来源自网络,经修正后供个人鉴赏、娱乐,如若侵犯了您的版权,请及时联系我们进行删除!

添加新评论

暂无评论