Apple has rushed out emergency patches for iPhone, iPad, and Mac to address two serious zero-day vulnerabilities that may have compromised Intel-based Macs.
The flaw CVE-2024-44308 allows arbitrary code execution through malicious web content, risking complete control of the device, while CVE-2024-44309 leads to cross-site scripting attacks.
Apple confirmed that these vulnerabilities may have been actively exploited on Intel-based Macs, but the updates ensure that iPhones and iPads are also protected.
The updates enhance security by implementing improved checks in JavaScriptCore and resolving a cookie management issue in WebKit to prevent malicious exploitation.
Collection
[
|
...
]