The Cloud Consultancy Europe Ltd.
+44 (0) 203 637 6667 [email protected]

Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models.

Image Source: The Hacker News

The issue, tracked as CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution.

It was originally addressed by the tech giant with improved checks as part of updates released on February 13, 2023. An anonymous researcher has been credited with reporting the bug.

“Processing maliciously crafted web content may lead to arbitrary code execution,” Apple said in a new advisory, adding it’s “aware of a report that this issue may have been actively exploited.”

Details surrounding the exact nature of exploitation are currently not known, but withholding technical specifics is standard procedure as it helps prevent additional in-the-wild abuse targeting susceptible devices.

The update is available in versions iOS 15.7.4 and iPadOS 15.7.4 for iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation).

The disclosure comes as Apple rolled out iOS 16.4, iPadOS 16.4, macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5, tvOS 16.4, and watchOS 9.4 with numerous bug fixes.

Source: The Hacker News   By: Ravie Lakshmanan

 

Whatever your business, however big or small it is, you will receive phishing attacks at some point. Think about how you will help your staff understand the threat and how to spot phishing. As with other advice, give them the tools to defend against it in their personal lives and they will bring that behaviour back to work. Let The Cloud Consultancy secure your business.