Apple has released a new security update for its iPhone, Mac, and iPad devices. If you have not already installed the update, do so now. The new security update includes fixes for a zero-day exploit that could allow attackers to take control of your device. The exploit is located in the Safari browser and is described as a “remote code execution vulnerability”. If you are affected by this vulnerability, please install the update as soon as possible. Apple recommends that you also use two-factor authentication to protect your device from unauthorized access. Two-factor authentication is an optional feature on many Apple products and can be enabled through the Settings app on your device.
Apple released Safari 15.6.1 this week, which includes a fix for a security vulnerability labelled as CVE-2022-32893. The bug allowed malicious web pages to execute code on devices, using an out-of-bounds write issue in Safari’s WebKit rendering engine. Apple says it is “aware of a report that this issue may have been actively exploited.”
Unlike Chrome, Firefox, and most other web browsers, new versions of Safari are mostly distributed through operating system updates. Apple has released macOS Monterey 12.5.1, iOS 15.6.1, and iPadOS 15.6.1 with the fix for Safari, as well as other security updates. There are also security updates rolling out for older versions of macOS, including Big Sur and Catalina.
You should update your Mac, iPhone, and/or iPad once you have some free time. iPhones and iPads use the WebKit engine to render all web pages, even if you use other apps for web browsing, like Firefox or Chrome. Mac owners that use third-party browsers are at a lower risk, but Safari is still used for login pages and other embedded web content across macOS.
Source: Apple Via: MacRumors