Apple has released security updates for vulnerabilities under active attack and affecting multiple products, including iOS, WatchOS, and iPadOS. The patches fix WebKit flaws that can be exploited by threat actors by utilizing maliciously crafted web content that ultimately leads to arbitrary code execution, according to Apple. The statement released by the tech giant includes a warning that the vulnerabilities may already be exploited in the wild.
The updates address bugger overflow issues, memory corruption flaws, and integer overflow on macOS and iOS. The Cybersecurity and Infrastructure Security Agency issued their own warning, encouraging users and administrators to install the latest updates and review Apple’s statements. The CISA warns that attackers could exploit the vulnerabilities to take control of an unpatched device.