![]() ![]() In essence this means an attacker can try to lure his victims to a malicious site to compromise their devices. In other words, WebKit is the browser engine that powers Safari and other apps.Īpple says the impact of the vulnerability is that processing maliciously crafted web content may lead to arbitrary code execution. The bug ( CVE-2022-42856) was found in WebKit which is Apple’s web rendering engine. Since the vulnerability we’ll discuss below is already being exploited, it's important that you install the update your devices as soon as you can, if you haven’t already. Here's how to update your iPhone or iPad. ![]() The update may already have reached your device during your regular update routines, but it doesn't hurt to check if your device is at the latest update level. The patch is available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation). which includes a patch for this vulnerability. And indeed, Apple has now released security content for iOS 12.5.7. Back then we wondered why Apple specifically stated that the issue may have been actively exploited against versions of iOS released before iOS 15.1.Īt the time, our resident Apple expert Thomas Reed said that Apple has been known to release fixes for older systems when it is aware of active attacks taking place. In December, 2022, we warned our readers about an actively exploited vulnerability in Apple’s WebKit.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |