iOS, macOS, Safari: Emergency updates close vulnerabilities

Posted on 2023-12-01 by guenni

[German]Apple released updates for iOS, macOS and Safai a few hours ago. These emergency updates are intended to close critical security vulnerabilities (CVE-2023-42916 & CVE-2023-42917) that are already under attack. These vulnerabilities can expose sensitive data while browsing. So it's time to update.

Advertising

The following tweet refers to these security updates, which Apple has described for iOS 17.1.2 and iPadOS in this document. CVE-2023-42916 is an out-of-bounds read vulnerability in the Web-Kit that can expose sensitive information when processing web content. Apple is aware of a report stating that this issue can be exploited with iOS versions prior to iOS 16.7.1.

Apple security updates Nov. 30, 2023

CVE-2023-42917 is a memory corruption vulnerability that can lead to the execution of arbitrary code when browsing web content. Apple is aware of a report stating that this issue can be exploited with iOS versions prior to iOS 16.7.1. The Hacker News has published some more details about the other Apple operating system updates and the Safari patch here.

Advertising
This entry was posted in browser, ios, Security, Update and tagged , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).