April 29, 2024

2 Latest Actively Exploited Zero-Day Flaws in iPhones, & Macs were disclosed by Apple

Sandhyakumari September 8, 2023 0
Zero Day Flaws in iPhones Macs
Post Views: 173

Apple launched emergency security patches to deal with 2 new actively exploited zero-day security flaws hampering iPhones and Macs

The Image I/O and Allet frameworks contain the two Apple zero-day vulnerabilities identified as CVE-2023-41064 and CVE-2023-41061.

A buffer overflow problem was discovered by Citizen Lab researchers and is known as CVE-2023-41064. The IT behemoth fixed the issue with better memory management.

Advisory

“A maliciously created image’s processing could result in arbitrary code execution. Apple is aware of information suggesting that this problem may have been deliberately exploited.”

“A maliciously crafted attachment could execute arbitrary code. Apple is aware of information suggesting that this problem may have been deliberately exploited.”

Apple identified the validation flaw, CVE-2023-41061. The IT behemoth modified its reasoning to correct the problem. By getting the device to open a specially created attachment, an attacker can execute arbitrary code.

With the releases of macOS Ventura 13.5.2, iOS 16.6.1, iPadOS 16.6.1, and watchOS 9.6.2, Apple fixed the issues.

Thirteen actively exploited zero-day vulnerabilities have already been addressed by the organization in 2023. The list of issues the company fixed is below:

  • July 2023 – CVE-2023-37450 and CVE-2023-38606.
  • June 2023 – CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439.
  • May 2023 – CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373).
  • April 2023 – CVE-2023-28206 and CVE-2023-28205.
  • February 2023 – CVE-2023-23529).

About The Author

Suraj Koli is a content specialist with expertise in Cybersecurity and B2B Domains. He has provided his skills for News4Hackers Blog and Craw Security. Moreover, he has written content for various sectors Business, Law, Food & Beverage, Entertainment, and many others. Koli established his center of the field in a very amazing scenario. Simply said, he started his career selling products, where he enhanced his skills in understanding the product and the point of view of clients from the customer’s perspective, which simplified his journey in the long run. It makes him an interesting personality among other writers. Currently, he is a regular writer at Craw Security.

Cyber Security course

Read More Article Here:

A Bengaluru Teacher Lost ₹32 Lakh to Cyber Fraud After Discovering “5 Passports in Your Name”

Zero-Day Alert: Recently Widely Exploited Flaw is Fixed in Latest Android Patch Update

About Author

Sandhyakumari

See author's posts

Tags: , , , , , ,

More Stories

WP-Automatic Plugin Vulnerability

WP-Automatic Plugin Vulnerability Exploited by Hackers to Establish Admin Accounts on WordPress Sites

Tahir April 28, 2024 0
WhatsApp Threatens To Leave India

WhatsApp Threatens To Leave India If It Is Compelled To Break Encryption in Delhi High Court.

Tahir April 28, 2024 0
A Big Cyber Fraud in Mumbai

A Big Cyber Fraud in Mumbai, Retired MNC Director Cheated for ₹25 Crores in the Name of Money Laundering

Tahir April 27, 2024 0

Leave a Reply

Your email address will not be published. Required fields are marked *

You may have missed

WP-Automatic Plugin Vulnerability

WP-Automatic Plugin Vulnerability Exploited by Hackers to Establish Admin Accounts on WordPress Sites

Tahir April 28, 2024 0
WhatsApp Threatens To Leave India

WhatsApp Threatens To Leave India If It Is Compelled To Break Encryption in Delhi High Court.

Tahir April 28, 2024 0
A Big Cyber Fraud in Mumbai

A Big Cyber Fraud in Mumbai, Retired MNC Director Cheated for ₹25 Crores in the Name of Money Laundering

Tahir April 27, 2024 0
Zero-Day Vulnerabilities

State-Sponsored Hackers Perform Spying Using Two Cisco Zero-Day Vulnerabilities

Tahir April 26, 2024 0

10 Bollywood Celebs Called by Maharashtra Police in Cyber Fraud Cases, Know More Here

Tahir April 26, 2024 0
en_USEnglish
en_USEnglish
Open chat
Hello
Can we help you?