A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple iphone os |
||
apple ipados |
||
apple macos |
||
apple safari |
Apple fixes two new iOS zero-days exploited in attacks on iPhones By Lawrence Abrams March 5, 2024 04:34 PM 0 Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. "Apple is aware of a report that this issue may have been exploited," the company said in an advisory issued on Tuesday. The two bugs were found in the iOS Kernel (CVE-2024-23225) and RTKit (CVE-2024-23296), both allowing attackers with arbitrary kernel r...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Snoops may be targeting macOS in addition to iPhones, Kaspersky says
Whoever is infecting people's iPhones with the TriangleDB spyware may be targeting macOS computers with similar malware, according to Kaspersky researchers. In the security shop's ongoing analysis of the smartphone snooping campaign – during which attackers exploit a kernel vulnerability to obtain root privileges and install TriangleDB on victims' handsets – Kaspersky analysts uncovered 24 commands provided by the malware that can be used for a range of illicit activities; everything from st...