[German]Apple released updates for iOS, macOS and Safai a few hours ago. These emergency updates are intended to close critical security vulnerabilities (CVE-2023-42916 & CVE-2023-42917) that are already under attack. These vulnerabilities can expose sensitive data while browsing. So it's time to update.
The following tweet refers to these security updates, which Apple has described for iOS 17.1.2 and iPadOS in this document. CVE-2023-42916 is an out-of-bounds read vulnerability in the Web-Kit that can expose sensitive information when processing web content. Apple is aware of a report stating that this issue can be exploited with iOS versions prior to iOS 16.7.1.
CVE-2023-42917 is a memory corruption vulnerability that can lead to the execution of arbitrary code when browsing web content. Apple is aware of a report stating that this issue can be exploited with iOS versions prior to iOS 16.7.1. The Hacker News has published some more details about the other Apple operating system updates and the Safari patch here.
Cookies helps to fund this blog: Cookie settings