A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1..
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apple tvos |
||
apple ipados |
||
apple iphone os |
||
apple macos |
||
apple safari |
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Also: Yay for Data Privacy Day!
Apple has issued an emergency patch for older kit to fix a WebKit security flaw that Cupertino warns is under active attack.
On Monday, Apple released iOS 12.5.7 for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and sixth-generation iPod touch. It also updated iOS and iPadOS 15 and 16, but it appears that, at least as of now, attackers are only going after devices running the very-old iOS 12.
If you have one of these older devices, we'd suggest updating to t...
Vulmon