Advertisement
Top
image credit: Pexels

WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities

May 19, 2023

Via: The Hacker News
Category:

Apple on Thursday rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser to address three new zero-day flaws that it said are being actively exploited in the wild.

The three security shortcomings are listed below –

  • CVE-2023-32409 – A WebKit flaw that could be exploited by a malicious actor to break out of the Web Content sandbox. It was addressed with improved bounds checks.
  • CVE-2023-28204 – An out-of-bounds read issue in WebKit that could be abused to disclose sensitive information when processing web content. It was addressed with improved input validation.
  • CVE-2023-32373 – A use-after free bug in WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. It was addressed with improved memory management.

Read More on The Hacker News

RELATED PUBLICATIONS

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Hugging Face says it fixed some worrying security issues, moves to boost online protection

Latest Publications

U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity
Report: Russian Hackers Targeting Ukrainian Soldiers on Apps
iPhone Users Are Being Targeted by MFA Bombs, Here’s What We Know
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!