iOS, macOS, Safari: Emergency updates close vulnerabilities

[German]Apple released updates for iOS, macOS and Safai a few hours ago. These emergency updates are intended to close critical security vulnerabilities (CVE-2023-42916 & CVE-2023-42917) that are already under attack. These vulnerabilities can expose sensitive data while browsing. So it's time to update.


Advertising

The following tweet refers to these security updates, which Apple has described for iOS 17.1.2 and iPadOS in this document. CVE-2023-42916 is an out-of-bounds read vulnerability in the Web-Kit that can expose sensitive information when processing web content. Apple is aware of a report stating that this issue can be exploited with iOS versions prior to iOS 16.7.1.

Apple security updates Nov. 30, 2023

CVE-2023-42917 is a memory corruption vulnerability that can lead to the execution of arbitrary code when browsing web content. Apple is aware of a report stating that this issue can be exploited with iOS versions prior to iOS 16.7.1. The Hacker News has published some more details about the other Apple operating system updates and the Safari patch here.


Cookies helps to fund this blog: Cookie settings
Advertising


##1

This entry was posted in browser, ios, Security, Update and tagged , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *