• Apple zero days out – September 2023

    Posted on September 21, 2023 at 22:22 CDT by Comment in the Forums

    Apple has fixes for zero days that have been under attack. It appears most are triggered by a specially crafted web content.

    • CVE-2023-41991 – A certificate validation issue in the Security framework that could allow a malicious app to bypass signature validation.
    • CVE-2023-41992 – A security flaw in Kernel that could allow a local attacker to elevate their privileges.
    • CVE-2023-41993 – A WebKit flaw that could result in arbitrary code execution when processing specially crafted web content.

     

    📱 iOS and iPadOS 17.0.1 – 3 bugs fixed
    📱 iOS and iPadOS 16.7 – 3 bugs fixed
    ⌚ watchOS 9.6.3 – 2 bugs fixed
    ⌚ watchOS 10.0.1 – 2 bugs fixed
    💻 macOS Ventura 13.6 – 3 bugs fixed
    💻 macOS Monterey 12.7 – 1 bug fixed

    Mind you iOS 17 *just* came out the other day.

    These security vulnerabilities have been seen in attacks in the wild.

    Apple
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • How to use the Forums
  • All Forums

    • Recent Topics

    December 2023
    S M T W T F S
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.