Skip to content
Home ยป Apple Safari patches zero-day vulnerabilities

Apple Safari patches zero-day vulnerabilities

Apple Safari

Apple Safari was updated to fix vulnerabilities that could have been exploited by hackers using zero-day exploits.

In response to a critical security flaw that affects many versions of Apple’s operating systems, the company quickly released a patch for its Apple Safari.

Hence, the users using macOS Big Sur and Catalina are encouraged to update to Safari 15.6.1 as soon as possible.

An out-of-bounds write bug was fixed in WebKit, the engine used by Safari and many other web-enabled programmes, as part of the CVE-2022-32893 update.

Unacceptable typographical error

According to reports, the hole is already being exploited by malicious actors in the wild, and it presents a serious security risk because it might allow hackers to remotely take control of affected devices.

“Malicious web content can execute arbitrary code. Apple knows this flaw may have been exploited “Apple’s advisory said.

A threat actor causes an out-of-bounds write flaw when an input application writes data before or after the memory buffer. This crashes the programme, corrupts data, and lets attackers remotely execute code. Big Sur and Catalia use enhanced bounds checking like Monterey.

However, Apple remains silent until most endpoints are updated to fix the vulnerability.

Furthermore, an anonymous user alerted the firm to the problems, and it has now tested for both.

Apple has had a busy year patching zero-day vulnerabilities. Two such vulnerabilities, CVE-2022-22578 and CVE-2022-22594, were patched in January 2022, preventing arbitrary code execution with kernel privileges.

Therefore, Apple addressed CVE-2021-22674 and CVE-2022-22675, two zero-days exploited to execute malware with Kernel privileges, impacting iPhones, iPads, and Macs.

Leave a Reply

Your email address will not be published. Required fields are marked *