Apple has rolled out critical software updates to mitigate risks from two zero-day vulnerabilities, CVE-2024-44308 and CVE-2024-44309, targeting multiple platforms including iOS, macOS, and Safari.
CVE-2024-44308 allows arbitrary code execution through maliciously crafted web content, and it has reportedly been exploited in the wild on Intel-based Mac systems.
CVE-2024-44309, a cookie management issue in WebKit, facilitates cross-site scripting attacks, leaving users vulnerable to session cookie theft and potential credential loss.
As noted by Michael Covington, swift action is essential to address WebKit vulnerabilities due to its critical role in Safari, enhancing the prevention of malicious activity.
Collection
[
|
...
]