Apple Releases Security Updates for Multiple Products
The released security updates include two exploited zero-day vulnerabilities in iOS, iPadOS, macOS, watchOS, and tvOS
Summary
The released security updates include two exploited zero-day vulnerabilities in iOS, iPadOS, macOS, watchOS, and tvOS
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Apple have released eight security updates to address vulnerabilities in multiple products. The released include two exploited zero-day vulnerabilities, CVE-2023-37450 and CVE-2023-38606 affecting iOS, iPadOS, macOS, tvOS, and watchOS. A remote attacker could exploit some of these vulnerabilities to take control of a vulnerable system.
Exploitation of CVE-2023-37450 and CVE-2023-38606
Apple has reported that these vulnerabilities, known as CVE-2023-37450 and CVE-2023-38606, may have been actively exploited.
Remediation advice
Affected organisations are encouraged to review the following Apple security advisories and apply any relevant updates or workarounds.
Remediation steps
| Type | Step |
|---|---|
| Patch |
Safari 16.6 | HT213847 https://support.apple.com/en-gb/HT213847 |
| Patch |
iOS 16.6 and iPadOS 16.6 | HT213841 https://support.apple.com/en-gb/HT213841 |
| Patch |
iOS 15.7.8 and iPadOS 15.7.8 | HT213842 https://support.apple.com/en-gb/HT213842 |
| Patch |
macOS Ventura 13.5 | HT213843 https://support.apple.com/en-gb/HT213843 |
| Patch |
macOS Monterey 12.6.8 | HT213844 https://support.apple.com/en-gb/HT213844 |
| Patch |
macOS Big Sur 11.7.9 | HT213845 https://support.apple.com/en-gb/HT213845 |
| Patch |
tvOS 16.6 | HT213846 https://support.apple.com/en-gb/HT213846 |
| Patch |
watchOS 9.6 | HT213848 https://support.apple.com/en-gb/HT213848 |
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 25 July 2023 2:35 pm