Apple has taken swift action to address two actively exploited vulnerabilities by releasing security updates for iPhones, iPads, and Macs. The updates, iOS and iPadOS 17.1.2 and macOS 14.1.2 were prompted by a vulnerability disclosure from Google’s Threat Analysis Group. The vulnerabilities found in the WebKit browser engine allowed remote hackers to implant malicious code, including spyware, on targeted devices over the internet. Apple responded promptly to the disclosure, acknowledging the potential exploitation in iOS versions preceding iOS 16.7.1. The company also released Safari 17.1.2 for users running older macOS versions. The actors responsible for the exploitation remain unidentified. Google, earlier in the week, patched its own zero-day vulnerability in Google Chrome, recognizing an existing exploit “in the wild,” with Apple similarly addressing the reported bug within a week.
Apple issues security patches for iOS, iPadOS, and macOS, addressing two zero-day vulnerabilities that are actively being exploited.
