Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws


Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software.

The vulnerabilities, both of which reside in the WebKit web browser engine, are described below –

  • CVE-2023-42916 – An out-of-bounds read issue that could be exploited to leak sensitive information when processing web content.
  • CVE-2023-42917 – A memory corruption bug that could result in arbitrary code execution when processing web content.

Read more…