Components Affected
Overview
Multiple vulnerabilities were identified in Apple Products, where a remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.
Description
Multiple vulnerabilities in Apple products have been identified, posing a range of risks if exploited by a remote attacker. Apple is pushing out fresh versions of its flagship iOS and macOS platforms with patches for multiple WebKit vulnerabilities being exploited as zero-day in the wild. The newest iOS 17.3 and macOS Sonoma 14.3 updates fix at least 16 documented vulnerabilities that expose Apple users to code execution, security restriction bypass, denial-of-service and data exposure attacks. One of the WebKit flaws; CVE-2024-23222, may have been exploited against newer versions of the operating system while a pair of WebKit bugs; CVE-2023-42916 and CVE-2023-42917 may have been exploited against versions of iOS before iOS 16.7.5.
Impact
Solution/ Workarounds
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
Reference
Disclaimer
The information provided herein is on an “as is” basis, without warranty of any kind.