Friday, December 8, 2023

Apple Security Fixes for iPhone, iPad, Safari, Watch & Sonoma14: Update Now!

Apple previously reported three zero-day vulnerabilities exploited in the wild by threat actors, which Apple fixed as part of an Emergency patch update.

However, a new security advisory has been released by Apple, which mentions all the security patches and vulnerabilities that Apple has fixed.

In the advisory, a list of Apple products was provided for users to take note of. The list includes iPhone, iPad, iPod touch, Safari, Apple Watch, macOS, iOS, and Apple TV. It is important to be aware of these products in order to ensure their proper usage and maintenance.


Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Latest Software Updates From Apple

As per the reports, the latest version of iOS and iPad OS was 17.0.2, macOS was 14 (Sonoma), tvOS for Apple TV was 17, watchOS was 10.0.1 for Apple Watch Series 4 and 10.0.2 for Apple Watch Series 9 and Apple Watch Ultra.

“Note that after a software update is installed for iOS, iPadOS, tvOS, and watchOS, it cannot be downgraded to the previous version,” reads the advisory by Apple.

Several products and their respective patches were mentioned in the advisory, including the latest iPhone 15, released recently. However, no relatable CVE(s) were identified for iPhone 15. 

As of macOS Sonoma, multiple vulnerabilities were patched with CVEs ranging in severity between medium to High were fixed as part of the security patch. Moreover, the advisory mentioned all the security updates released between January 2020 and September 2023 for all products, applications, and services. 

Safari had five vulnerabilities: CVE-2023-40417 (UI Spoofing), CVE-2023-40451 (JS execution leading to arbitrary code execution), CVE-2023-41074, CVE-2023-35074, & CVE-2023-41993 (Arbitrary code execution vulnerabilities) which Apple fixed.

“Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are generally available. This document lists recent releases, including security updates and Rapid Security Responses.” reads the statement by Apple.

Users of all the mentioned Apple products, including iTunes, iCloud, Xcode, Studio Display Firmware, and other applications, are recommended to upgrade to the latest version of these products in order to prevent these vulnerabilities from getting exploited by threat actors.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.


Latest articles

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

SLAM Attack Gets Root Password Hash in 30 Seconds

Spectre is a class of speculative execution vulnerabilities in microprocessors that can allow threat...

Akira Ransomware Exploiting Zero-day Flaws For Organization Network Access

The Akira ransomware group, which first appeared in March 2023, has been identified as...
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles