Many of Apple's platforms has updates released May 18. An unusual occurrence. On a Thursday?
Apple is terse with details on security related updates.
Safari, macOS, iOS, iPadOS, tvOS, watchOS both current and older versions can apply the updates.
At lease three vulnerabilities are currently being exploited in the wild.
The exploit code can combine the three cited vulnerabilities to take complete system access just by visiting a malicious web site!
SO, Important. PLEASE UPDATE.
Some detail:
CVE-2023-32373 allows arbitrary code execution as WebKit processes malicious content.
CVE-2023-32409 allows breaking out of web content sandbox, thus full system compromise.
No comments:
Post a Comment