2 Latest Actively Exploited Zero-Day Flaws in iPhones, & Macs were disclosed by Apple

0
Zero Day Flaws in iPhones Macs

Apple launched emergency security patches to deal with 2 new actively exploited zero-day security flaws hampering iPhones and Macs

The Image I/O and Allet frameworks contain the two Apple zero-day vulnerabilities identified as CVE-2023-41064 and CVE-2023-41061.

A buffer overflow problem was discovered by Citizen Lab researchers and is known as CVE-2023-41064. The IT behemoth fixed the issue with better memory management.

Advisory

“A maliciously created image’s processing could result in arbitrary code execution. Apple is aware of information suggesting that this problem may have been deliberately exploited.”

“A maliciously crafted attachment could execute arbitrary code. Apple is aware of information suggesting that this problem may have been deliberately exploited.”

Apple identified the validation flaw, CVE-2023-41061. The IT behemoth modified its reasoning to correct the problem. By getting the device to open a specially created attachment, an attacker can execute arbitrary code.

With the releases of macOS Ventura 13.5.2, iOS 16.6.1, iPadOS 16.6.1, and watchOS 9.6.2, Apple fixed the issues.

Thirteen actively exploited zero-day vulnerabilities have already been addressed by the organization in 2023. The list of issues the company fixed is below:

  • July 2023 – CVE-2023-37450 and CVE-2023-38606.
  • June 2023 – CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439.
  • May 2023 – CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373).
  • April 2023 – CVE-2023-28206 and CVE-2023-28205.
  • February 2023 – CVE-2023-23529).

About The Author

Suraj Koli is a content specialist with expertise in Cybersecurity and B2B Domains. He has provided his skills for News4Hackers Blog and Craw Security. Moreover, he has written content for various sectors Business, Law, Food & Beverage, Entertainment, and many others. Koli established his center of the field in a very amazing scenario. Simply said, he started his career selling products, where he enhanced his skills in understanding the product and the point of view of clients from the customer’s perspective, which simplified his journey in the long run. It makes him an interesting personality among other writers. Currently, he is a regular writer at Craw Security.

Cyber Security course

Read More Article Here:

A Bengaluru Teacher Lost ₹32 Lakh to Cyber Fraud After Discovering “5 Passports in Your Name”

Zero-Day Alert: Recently Widely Exploited Flaw is Fixed in Latest Android Patch Update

About Author

Leave a Reply

Your email address will not be published. Required fields are marked *

Open chat
Hello
Can we help you?