Thursday, December 5, 2024
HomeAppleApple Security Fixes for iPhone, iPad, Safari, Watch & Sonoma14: Update Now!

Apple Security Fixes for iPhone, iPad, Safari, Watch & Sonoma14: Update Now!

Published on

SIEM as a Service

Apple previously reported three zero-day vulnerabilities exploited in the wild by threat actors, which Apple fixed as part of an Emergency patch update.

However, a new security advisory has been released by Apple, which mentions all the security patches and vulnerabilities that Apple has fixed.

In the advisory, a list of Apple products was provided for users to take note of. The list includes iPhone, iPad, iPod touch, Safari, Apple Watch, macOS, iOS, and Apple TV. It is important to be aware of these products in order to ensure their proper usage and maintenance.

- Advertisement - SIEM as a Service
Document
FREE Demo

Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Latest Software Updates From Apple

As per the reports, the latest version of iOS and iPad OS was 17.0.2, macOS was 14 (Sonoma), tvOS for Apple TV was 17, watchOS was 10.0.1 for Apple Watch Series 4 and 10.0.2 for Apple Watch Series 9 and Apple Watch Ultra.

“Note that after a software update is installed for iOS, iPadOS, tvOS, and watchOS, it cannot be downgraded to the previous version,” reads the advisory by Apple.

Several products and their respective patches were mentioned in the advisory, including the latest iPhone 15, released recently. However, no relatable CVE(s) were identified for iPhone 15. 

As of macOS Sonoma, multiple vulnerabilities were patched with CVEs ranging in severity between medium to High were fixed as part of the security patch. Moreover, the advisory mentioned all the security updates released between January 2020 and September 2023 for all products, applications, and services. 

Safari had five vulnerabilities: CVE-2023-40417 (UI Spoofing), CVE-2023-40451 (JS execution leading to arbitrary code execution), CVE-2023-41074, CVE-2023-35074, & CVE-2023-41993 (Arbitrary code execution vulnerabilities) which Apple fixed.

“Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are generally available. This document lists recent releases, including security updates and Rapid Security Responses.” reads the statement by Apple.

Users of all the mentioned Apple products, including iTunes, iCloud, Xcode, Studio Display Firmware, and other applications, are recommended to upgrade to the latest version of these products in order to prevent these vulnerabilities from getting exploited by threat actors.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.

Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

HCL DevOps Deploy / Launch Vulnerability Let Embed arbitrary HTML tags

Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL...

CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being...

HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to...

Fuji Electric Indonesia Hit by Ransomware Attack

Fuji Electric Indonesia has fallen victim to a ransomware attack, impacting its operations and...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

HCL DevOps Deploy / Launch Vulnerability Let Embed arbitrary HTML tags

Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL...

CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being...

HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to...