Update now! Apple releases software to patch critical security flaws
In a move to protect its users, Apple has pushed critical security updates for its macOS and iOS platforms, addressing two actively exploited vulnerabilities. The flaws, which were discovered by Google's Threat Analysis Group (TAG), are actively targeting Intel-based macOS systems. The news was confirmed by Apple in an advisory released on Tuesday.
Details of the patched vulnerabilities
The first vulnerability, tagged CVE-2024-44308, is associated with JavaScriptCore. It relates to the handling of malicious web content that could result in arbitrary code execution. The second vulnerability, tagged CVE-2024-44309, is related to WebKit and involves handling malicious web content that could trigger a cross-site scripting attack. Both issues have been flagged as actively exploited on Intel-based Mac systems.
Apple urges users to update their devices
In light of these security threats, Apple is urging its users to promptly apply the iOS 18.1.1, macOS Sequoia 15.1.1 and the older iOS 17.7.2 updates across all devices in the Apple ecosystem. The advice comes as part of the company's efforts to mitigate potential risks associated with these vulnerabilities and protect user data from unauthorized access or manipulation by malicious actors exploiting these weaknesses in its systems' security architecture.
Recent malware campaign targeted macOS users
Just earlier this month, North Korean cryptocurrency thieves were caught targeting macOS users with a new malware campaign. The malicious activity involved phishing emails, counterfeit PDF apps, and a unique method to bypass Apple's security measures. The recent security updates released by Apple are part of its ongoing efforts to safeguard its user base from such threats and ensure the integrity of its systems.
