Apple Update Vulnerability

Published On: May 19, 2023Categories: Cyber Alerts

In today’s SensCy Cyber Alert, your SensCy team urges Apple product users to install the new updates immediately. The new update remediates THREE new zero-day vulnerabilities in the iOS, macOS, iPadOS, watchOS, and tvOS that have been exploited in the wild.

CVE-2023-28204: an out-of-bounds read was issued in the WebKit that could disclose sensitive information.

CVE-2023-32409: is a WebKit flaw that a threat actor could exploit to break out of the Web Content sandbox.

CVE-2023-32373: could lead to arbitrary code execution when procession malicious web content.

The updates are available in version iOS 16.5, iPadOS 16.5, macOS Ventura 13.4, Safari 16.5, watchOS 9.5

In addition, the patches are available for older devices:

iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Macs running macOS Big Sur, Monterey, and Ventura

Apple Watch Series 4 and later;  Apple TV 4K (all models) and Apple TV HD

What is a zero-day vulnerability?

In cybersecurity, a zero-day vulnerability refers to a vulnerability in a system or device that has been disclosed but not yet patched. The vulnerability was discovered before developers and security researchers were aware of it and could provide a patch/update.

How to check for new updates:

SensCy highly recommends turning on the Automatic Updates on all Apple devices and products.

On your iPhone/iPad, go to the Settings App, scroll down to General, Click Software Update, Turn on Automatic Updates, and Download iOS 16.5

If you need additional information, use these Apple links:

iPhone/ iPad: macOS

Related Posts

  • June 13, 2024

    Categories: Cyber Alerts

    In today’s SensCy Cyber Brief, your SensCy team reviewed Adobe latest release of security updates. We recommend installing those updates immediately if you are using [...]

  • June 13, 2024

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team recommends Google Chrome Browser users to install the new Chrome Version 126 immediately. The new update patches [...]

  • June 6, 2024

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team is reviewing latest disclosure of vulnerabilities by WordPress. There were 99 vulnerabilities discovered, including 82 WordPress plugin. [...]