Hey there, Apple enthusiasts! Big news from Apple as they have just tackled two zero-day vulnerabilities that were causing trouble for their Intel-based Macs. Not only did they release the fixes, but they also revealed that these flaws were actively being exploited. So, if you’re an Apple user, it’s essential to update your system pronto!
Discovering Two Zero-Day Flaws in Intel-based Apple Macs
If you own a Macbook, listen up! Apple has just rolled out crucial vulnerability fixes to address two zero-day flaws that were causing chaos on Intel-based Macs. These vulnerabilities were actually being exploited even before a fix was in place.
Apple’s advisory outlines the two vulnerabilities that were plaguing Intel-based Mac systems. While the severity ratings and CVSS scores are still a bit hazy, the identified vulnerabilities are:
- CVE-2024-44308: This vulnerability in JavaScriptCore could lead to arbitrary code execution through malicious web content, which Apple has addressed with enhanced checks.
- CVE-2024-44309: A cross-site scripting vulnerability in WebKit that could be exploited via malicious web content. Apple tackled this issue with improved state management to address the “cookie management issue.”
Security researchers Clément Lecigne and Benoît Sevens from Google’s Threat Analysis Group (TAG) were the first to flag these vulnerabilities. Apple swiftly responded by patching the flaws and pushing out the fixes with macOS Sequoia 15.1.1.
Not just Macs, Apple also extended these security fixes to iPhones, iPads, and Apple Vision devices, as they too were vulnerable. The updates were released as iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, and visionOS 2.1.1. While eligible devices will receive the updates automatically, it’s always wise to manually check for updates to ensure your devices are patched in a timely manner.
Apple has been on top of addressing zero-day vulnerabilities this year, with fixes rolled out in January, March, and May. It’s great to see them staying vigilant!
We’d love to hear your thoughts on this. Drop a comment below and let’s discuss!