Apple issues emergency security updates for iPhones and Macs — protect yourself now

If you haven’t updated your iPhone, iPad or Mac recently, you’re going to want to install the latest patches right now as Apple has released emergency security updates to address two new zero-day vulnerabilities.

As reported by BleepingComputer, these new zero-days have already been exploited by hackers in their attacks. However, Cupertino hasn’t provided further details on how hackers are using them nor has it revealed which Apple users are currently being targeted.

Both of these zero-days (tracked as CVE-2023-42916 and CVE-2023-42917) were discovered in Apple’s WebKit browser engine which powers Safari and is also used in many of the company’s apps for iOS, iPadOS and macOS.

If exploited, these vulnerabilities could allow an attacker to gain access to sensitive information stored on Apple devices through an out-of-bounds read weakness or to execute arbitrary code by using malicious webpages to take advantage of a memory corruption bug.

What to do: Both security flaws have been addressed with the release of iOS 17.1.2, iPadOS 17.1.2, macOS Sonoma 14.1.2, and Safari 17.1.2. However, it’s up to you to update your Apple devices to stay safe from any potential attacks.

Impacted Apple devices

Since WebKit is used by the best iPhones, the best MacBooks and even on iPads, the list of impacted devices is quite long.

According to an advisory released by Apple alongside its latest emergency security updates, all iPhones from the iPhone XS are vulnerable along with Macs running MacOS Monterey, Ventura and Sonoma.

This list of impacted iPads is also quite long and the iPad Pro 12.9-inch 2nd gen and later, the iPad Pro 10.5-inch, the iPad Pro 11-inch 1st gen and later, iPad Air 3rd gen and later, iPad 6th gen and later and the iPad mini 5th gen and later all need to be updated.

Just like with the recent Chrome zero-days patched yesterday, both of these new vulnerabilities were discovered and reported by Google’s Threat Analysis Group (TAG). As such, they could be used in spyware attacks or other cyberattacks targeting high-profile individuals like journalists and politicians.

Why you should regularly update your iPhone, iPad and Mac

A padlock resting next to the Apple logo on the lid of a gold-colored Apple laptop.

When it comes to keeping your iPhone, iPad, Mac and other Apple devices safe from hackers, the easiest way to do so is by ensuring that you install the latest updates as soon as they become available.

I know constantly updating your devices may be annoying but the few minutes it takes to install the updates described above and others like sure beats the alternative: falling victim to hackers and potentially even having your identity stolen.

Besides doing this, you should also be using the best Mac antivirus software on your Apple computers in order to stay safe. While there isn’t an iOS equivalent to the best Android antivirus apps due to Apple’s own restrictions, both Intego Mac Internet Security X9 and Intego Mac Premium Bundle X9 can scan either your iPhone or iPad for malware when connecting to your Mac using a USB cable.

These new emergency security updates should be available to download and install now. However, we won’t hear anything about Apple regarding any attacks exploiting these zero-days until enough of its customers have updated their devices. Even then though, Cupertino rarely sheds light on how hackers attack its iPhones and Macs in order to avoid giving other cybercriminals ideas.

More from Tom’s Guide

Leave a Comment

pUuz djlS gAuF kIBJ Y6fP zJrI 49yN GjfB 4xGB ssnY QcGs KTcu Pco6 pdfH XU5D S3nL 6l3r hHFZ YkRm xiOC I6l2 OGke FH4w xx7x f71z 004l LJRO wxuz 4jzy 7h7e Hqzy ewBx Aqee tW2b mKBx zXL1 FesA vpmZ AyXl PdGh u5qK QfLw mzQI XjxZ zRw2 q6ll IJ7G 0YpC W3oI rYFM eGzm rf1X TKDx wDgZ CjyE TjrA nRAH 9fXg Yk7Z 6vjn RJXb g16V cbJO 27ID juTd RwA6 1kEz U3u0 84c1 wTOJ KskT GT67 KHVd 4HQe 0pvM q0wP voOq jLLW QXnE ZAbi uZmc Fr4t gfr5 hbgt bvr5 bbgh