Apple Releases Security Updates Addressing Multiple Actively Exploited Vulnerabilities
Three exploited zero-day vulnerabilities in Safari, iOS, iPadOS, watchOS and macOS could lead to arbitrary code execution or privilege escalation
Summary
Three exploited zero-day vulnerabilities in Safari, iOS, iPadOS, watchOS and macOS could lead to arbitrary code execution or privilege escalation
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Apple have released multiple security advisories to address three zero-day vulnerabilities in Safari, iOS, iPadOS, watchOS and macOS. An attacker could exploit these vulnerabilities to achieve arbitrary code execution, escalate privileges or bypass signature validation.
Exploitation of Multiple Vulnerabilities
Apple have reported that these vulnerabilities may have been actively exploited against versions of iOS before iOS 16.7.
Remediation advice
Affected organisations are encouraged to review the following Apple security advisories and apply any relevant updates or workarounds.
Remediation steps
| Type | Step |
|---|---|
| Patch |
Safari 16.6.1 | HT213930 https://support.apple.com/en-us/HT213930 |
| Patch |
iOS 17.0.1 and iPadOS 17.0.1 | HT213926 https://support.apple.com/en-us/HT213926 |
| Patch |
iOS 16.7 and iPadOS 16.7 | HT213927 https://support.apple.com/en-us/HT213927 |
| Patch |
watchOS 10.0.1 | HT213928 https://support.apple.com/en-us/HT213928 |
| Patch |
watchOS 9.6.3 | HT213929 https://support.apple.com/en-us/HT213929 |
| Patch |
macOS Ventura 13.6 | HT213931 https://support.apple.com/en-us/HT213931 |
| Patch |
macOS Monterey 12.7 | HT213932 https://support.apple.com/en-us/HT213932 |
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 22 September 2023 2:49 pm