In today’s SensCy Cyber Alert, your SensCy team urges Apple product users to install the new updates immediately. The new update remediates Two new zero-day vulnerability in the iOS, macOS, iPadOS, and Safari Browser that have been exploited in the wild by the known mercenary spyware Pegasus
CVE-2023-41061 is a vulnerability in Wallet that could lead to arbitrary code execution. CVE-2023-41064 is a buffer overflow issue in the Image I/O component that could lead to arbitrary code execution.
The updates are iOS 16.5.1 (a), iPadOS 16.5.1 (a), macOS Ventura 13.4.1 (a), and Safari 16.5.2, are available for:
- iOS 16.6.1 and iPadOS 16.6.1
- macOS Ventura 13.5.2
- watchOS 9.6.2
What is a zero-day vulnerability?
In cybersecurity, a zero-day vulnerability refers to a vulnerability in a system or device that has been disclosed but not yet patched. The vulnerability was discovered before developers and security researchers were aware of it and could provide a patch/update.
How to check for new updates:
SensCy highly recommends turning on the Automatic Updates on all Apple devices and products.
On your iPhone/iPad, go to the Settings App, scroll down to General, Click Software Update, Turn on Automatic Updates, and Download iOS 16.6.If you need additional information, use these Apple links:
iPhone/ iPad: macOS