Apple not too long ago addressed two zero-day vulnerabilities affecting its Intel-based Macs. Alongside releasing the fixes, the agency additionally confirmed detecting energetic exploitation of the issues, urging customers to replace their programs as quickly as potential.
Two Zero-Day Flaws Discovered In Intel-based Apple Macs
Apple customers should replace their Macbooks because the tech large rolled out vulnerability fixes. Particularly, the agency addressed two zero-day flaws affecting its Intel-based Macs, which even went below assault earlier than a repair.
In keeping with Apple’s advisory, the next are the 2 vulnerabilities that plagued Intel-based Mac programs. Though each vulnerabilities have acquired the respective CVE identifiers, their severity rankings and CVSS scores stay unclear.
- CVE-2024-44308: A vulnerability in JavaScriptCore that would enable arbitrary code execution by processing maliciously crafted internet content material. Apple addressed this situation with improved checks.
- CVE-2024-44309: A cross-site scripting vulnerability in WebKit that an adversary might exploit by processing maliciously crafted internet content material. Concerning the repair, Apple talked about addressing this “cookie administration situation” with improved state administration.
Each vulnerabilities first caught the eye of safety researchers Clément Lecigne and Benoît Sevens from Google’s Risk Evaluation Group (TAG). The researchers then reported the matter to Apple, which patched the issues and launched the fixes with macOS Sequoia 15.1.1.
In addition to Macs, Apple additionally launched the identical safety fixes for its iPhones, iPads, and Apple Imaginative and prescient gadgets, which additionally exhibited these points. Therefore, the risk remained as extreme for these merchandise as for Macs. Apple launched the safety fixes with iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, and visionOS 2.1.1. Whereas the updates would routinely attain the eligible gadgets, customers ought to nonetheless examine their gadgets manually for any updates to make sure patching their gadgets in time.
Apple has addressed a number of zero-days this yr, releasing fixes in January, March, and Could.
Tell us your ideas within the feedback.
