Apple on Monday backported a fix for an actively exploited security flaw to older iPhone and iPad models.
The issue is tracked as CVE-2023-23529relates to a type confusion bug in the WebKit browser engine that can lead to the execution of arbitrary code.
This was originally addressed by the tech giant with improved checks as part of an update released on February 13, 2023. An anonymous researcher allegedly reported the bug.
Discover the hidden dangers of third-party SaaS apps
Are you aware of the risks associated with third-party app access to your company’s SaaS apps? Join our webinar to learn about the types of permissions granted and how to minimize the risks.
reserve a seat
“Processing maliciously crafted web content may lead to arbitrary code execution,” Apple said in a new advisory. We are aware of reports that
While details regarding the exact nature of the exploit are currently unknown, it is standard practice to withhold technical details to prevent additional exploits targeting susceptible devices.
This update supports iOS 15.7.4 and iPadOS 15.7.4 on iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod. version is available. Touch (7th generation).
This disclosure comes as Apple rolls out iOS 16.4, iPadOS 16.4, macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5, tvOS 16.4, and watchOS 9.4 along with numerous bug fixes.
