Apple Addresses Three Zero-Day Vulnerabilities Actively Exploited by Attackers

Visit Us
Follow Me
Photo by Alexander Schimmeck on Unsplash

Apple has released an emergency software update to patch three zero-day vulnerabilities that were actively exploited by malicious actors. These vulnerabilities affected the Safari browser as well as software platforms for Apple Watch, iPhone, iPad, and Mac computers.

The first vulnerability, assigned CVE-2023-41991, was related to Security Framework tools and allowed for “bypassing signature checks.” The second, identified as CVE-2023-41992, was a flaw in the Kernel Framework’s protection, which could be leveraged for privilege escalation within the system. Finally, the third vulnerability, CVE-2023-41993, resided in the WebKit browser engine and permitted the “execution of arbitrary code through malicious web pages.”

These vulnerabilities impacted a broad range of Apple devices, including iPhone 8 and later models, iPad mini 5th generation and later, Apple Watch Series 4 and later, as well as Mac computers running macOS Monterey and later. The software flaws have been addressed in updates such as iOS 16.7, iOS 17.0.1, iPadOS 16.7, iPadOS 17.0.1, macOS Monterey 12.7, macOS Ventura 13.6, watchOS 9.6.3, watchOS 10.0.1, and Safari 16.6.1.

The security vulnerabilities in Apple’s software were discovered by Bill Marczak of Citizen Lab at the University of Toronto, Canada, and Maddie Stone from Google’s Threat Analysis Group.

Author Profile

Vasyl Kolomiiets
Vasyl Kolomiiets
I'm Vasyl Kolomiiets, a seasoned tech journalist regularly contributing to global publications. Having a profound background in information technologies, I seamlessly blended my technical expertise with my passion for writing, venturing into technology journalism. I've covered a wide range of topics including cutting-edge developments and their impacts on society, contributing to leading tech platforms.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *