Apple has released security patches to address code execution flaws in iPhones, iPads, and macOS.
Apple documented a zero-day exploit that may have already been used on older iPhones iOS 16.7.8 and iPadOS 16.7.8. They also patched vulnerabilities that could allow code execution, data breaches, and system crashes.
For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available.
Apple support said.
Vulnerabilities Impact
- CVE-2024-27789: An app may be able to access user-sensitive data.
- CVE-2024-23296: An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
This is a critical security update and it is important that all Apple users install the patches as soon as possible. Zero-day exploits are particularly dangerous because they have not been previously identified and patched. This means that attackers may be able to exploit these vulnerabilities to gain access to devices and steal data.
The security patches address a variety of vulnerabilities, including those that could allow attackers to execute code on devices, steal data, or cause system crashes. It is important to note that these are just the vulnerabilities that Apple is aware of. It is possible that there are other vulnerabilities that have not yet been discovered.
Here are some recommendations to stay safe:
- Install the latest security patches from Apple as soon as possible.
- Keep your device software up to date, including your operating system, web browser, and other applications.
- Be careful about what links you click on and what attachments you open in emails.
- Use strong passwords and enable two-factor authentication whenever possible.