Apple Update Vulnerability
In today’s SensCy Cyber Alert, your SensCy team urges Apple product users to install the new updates immediately. The new update remediates THREE new zero-day vulnerabilities in the iOS, macOS, iPadOS, and Safari Browser that have been exploited in the wild.
CVE-2023-32434: is an overflow vulnerability in the Kernel that could be exploited by malicious applications to execute arbitrary code.
CVE-2023-32435: is a memory corruption issue in the WebKit, processing web content may lead to arbitrary code execution,
The updates are available for the following
- iOS 16.5.1 and iPadOS 16.5.1 – iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
- iOS 15.7.7 and iPadOS 15.7.7 – iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
- macOS Ventura 13.4.1, macOS Monterey 12.6.7, and macOS Big Sur 11.7.8
- watchOS 9.5.2 – Apple Watch Series 4 and later
- watchOS 8.8.1 – Apple Watch Series 3, Series 4, Series 5, Series 6, Series 7, and SE
- Safari 16.5.1 – Macs running macOS Monterey
What is a zero-day vulnerability?
In cybersecurity, a zero-day vulnerability refers to a vulnerability in a system or device that has been disclosed but not yet patched. The vulnerability was discovered before developers and security researchers were aware of it and could provide a patch/update.
How to check for new updates:
SensCy highly recommends turning on the Automatic Updates on all Apple devices and products.
On your iPhone/iPad, go to the Settings App, scroll down to General, Click Software Update, Turn on Automatic Updates, and Download iOS 16.5.If you need additional information, use these Apple links:
