{"id":128060,"date":"2024-11-20T14:38:50","date_gmt":"2024-11-20T07:38:50","guid":{"rendered":"https:\/\/hotvideos24.online\/?p=128060"},"modified":"2024-11-20T14:38:50","modified_gmt":"2024-11-20T07:38:50","slug":"apple-releases-urgent-updates-to-patch-actively-exploited-zero-day-vulnerabilities","status":"publish","type":"post","link":"https:\/\/hotvideos24.online\/?p=128060","title":{"rendered":"Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities"},"content":{"rendered":"<p> <script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3711241968723425\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-layout-key=\"-fb+5w+4e-db+86\"\r\n     data-ad-client=\"ca-pub-3711241968723425\"\r\n     data-ad-slot=\"7910942971\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">Nov 20, 2024<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">Zero Day \/ Vulnerability<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a href=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjD5XLqCBlMlu8dFR_aRirjkb36_6qyPuVt9k8sWVCOhAmpUDSOkaZBL5xpMIwhLpofolfB4rMs0Ob8eR8WmCZa9WkMdi7EyYwqyOG15Liq-DYmbaEkAEtCJcj0PDbn5d2luTjiVK4nx8DBVcO-CwpGWS6q0lZ_Plg2paBqC_FiID2Ikm5TC6qLEqxGonmO\/s728-rw-e365\/apple-pdates.png\" style=\"clear: left; display: block; float: left;  text-align: center;\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjD5XLqCBlMlu8dFR_aRirjkb36_6qyPuVt9k8sWVCOhAmpUDSOkaZBL5xpMIwhLpofolfB4rMs0Ob8eR8WmCZa9WkMdi7EyYwqyOG15Liq-DYmbaEkAEtCJcj0PDbn5d2luTjiVK4nx8DBVcO-CwpGWS6q0lZ_Plg2paBqC_FiID2Ikm5TC6qLEqxGonmO\/s728-rw-e365\/apple-pdates.png\" alt=\"Apple Zero-Day Vulnerabilities\" border=\"0\" data-original-height=\"380\" data-original-width=\"728\" title=\"Apple Zero-Day Vulnerabilities\"\/><\/a><\/div>\n<p>Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild.<\/p>\n<p>The flaws are listed below &#8211;<\/p>\n<ul>\n<li><strong>CVE-2024-44308<\/strong> &#8211; A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web content<\/li>\n<li><strong>CVE-2024-44309<\/strong> &#8211; A cookie management vulnerability in WebKit that could lead to a cross-site scripting (XSS) attack when processing malicious web content<\/li>\n<\/ul>\n<div class=\"dog_two clear\"><center class=\"cf\"><a href=\"https:\/\/thehackernews.uk\/zerotrust-inside-d\" rel=\"nofollow noopener sponsored\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybersecurity\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhXVjKHNKDH4WdMsPjT21ztu0Bi0rTuZJGnGZU4GDPVBYLsCZA6ZSQPi9N5P31vBC5Rok2-ri9zF3Qf81Yy3Sg4HxyMA8HOhJK4NGGmbOS-rF-nTOlz_EosU1sjbmcHH_4wEgc_1n08nI_cnHBsa9yCyQFnoW3p0N7MKwuUJqaK7miyuLBi9crEBsh4BS1T\/s728-e100\/zz-inside-d.png\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>The iPhone maker said it addressed CVE-2024-44308 and CVE-2024-44309 with improved checks and improved state management, respectively. <\/p>\n<p>Not much is known about the exact nature of the exploitation, but Apple has acknowledged that the pair of vulnerabilities &#8220;may have been actively exploited on Intel-based Mac systems.&#8221;<\/p>\n<p>Cl\u00e9ment Lecigne and Beno\u00eet Sevens of Google&#8217;s Threat Analysis Group (TAG) have been credited with discovering and reporting the two flaws, indicating that they were likely put to use as part of highly-targeted government-backed or mercenary spyware attacks.<\/p>\n<p>The updates are available for the following devices and operating systems &#8211;<\/p>\n<ul>\n<li><a href=\"https:\/\/support.apple.com\/en-us\/121752\" rel=\"noopener\" target=\"_blank\">iOS 18.1.1 and iPadOS 18.1.1<\/a> &#8211; iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later<\/li>\n<\/ul>\n<ul>\n<li><a href=\"https:\/\/support.apple.com\/en-us\/121754\" rel=\"noopener\" target=\"_blank\">iOS 17.7.2 and iPadOS 17.7.2<\/a> &#8211; iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later<\/li>\n<li><a href=\"https:\/\/support.apple.com\/en-us\/121753\" rel=\"noopener\" target=\"_blank\">macOS Sequoia 15.1.1<\/a> &#8211; Macs running macOS Sequoia<\/li>\n<li><a href=\"https:\/\/support.apple.com\/en-us\/121755\" rel=\"noopener\" target=\"_blank\">visionOS 2.1.1<\/a> &#8211; Apple Vision Pro<\/li>\n<li><a href=\"https:\/\/support.apple.com\/en-us\/121756\" rel=\"noopener\" target=\"_blank\">Safari 18.1.1<\/a> &#8211; Macs running macOS Ventura and macOS Sonoma<\/li>\n<\/ul>\n<div class=\"dog_two clear\"><center class=\"cf\"><a href=\"https:\/\/thehackernews.uk\/cis-nov\" rel=\"nofollow noopener sponsored\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybersecurity\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiAxSbAOIwY5p0wWv5znF6Nj42k-fIocSD-CC_fgf7B4WQKPZbJCilURnF5BAgXpuwEEjcBU2BeRdKaag8fw81D37T0OJG7Arl683j5xIhSrEv-88wJKyGgPtRSH1A-5Sz6Oa97Zg8gS0UhfS1E-6PfJwRE2o2yqakqaiVyW8RXxs4Pgxi3c7MA2z3jASGT\/s728-e100\/cis-d.png\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Apple has so far addressed a total of four zero-days in its software this year, including one (<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-27834\" rel=\"noopener\" target=\"_blank\">CVE-2024-27834<\/a>) that was demonstrated at the Pwn2Own Vancouver hacking competition. The other three were patched in <a href=\"https:\/\/thehackernews.com\/2024\/01\/apple-issues-patch-for-critical-zero.html\" rel=\"noopener\" target=\"_blank\">January<\/a> and <a href=\"https:\/\/thehackernews.com\/2024\/03\/urgent-apple-issues-critical-updates.html\" rel=\"noopener\" target=\"_blank\">March 2024<\/a>.<\/p>\n<p>Users are advised to update their devices to the latest version as soon as possible to safeguard against potential threats.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Found this article interesting?  Follow us on <a href=\"https:\/\/twitter.com\/thehackersnews\" rel=\"noopener\" target=\"_blank\">Twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a> and <a href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" rel=\"noopener\" target=\"_blank\">LinkedIn<\/a> to read more exclusive content we post.<\/div>\n<\/div>\n<p><script async src=\"\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3711241968723425\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-layout-key=\"-fb+5w+4e-db+86\"\r\n     data-ad-client=\"ca-pub-3711241968723425\"\r\n     data-ad-slot=\"7910942971\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<br \/><div data-type=\"_mgwidget\" data-widget-id=\"1660802\">\r\n<\/div>\r\n<script>(function(w,q){w[q]=w[q]||[];w[q].push([\"_mgc.load\"])})(window,\"_mgq\");\r\n<\/script>\r\n<br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2024\/11\/apple-releases-urgent-updates-to-patch.html\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue802Nov 20, 2024\ue804Ravie LakshmananZero Day \/ Vulnerability Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come &hellip; <a href=\"https:\/\/hotvideos24.online\/?p=128060\" class=\"more-link\">Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8630],"tags":[],"class_list":["post-128060","post","type-post","status-publish","format-standard","hentry","category-technology","entry"],"_links":{"self":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts\/128060","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=128060"}],"version-history":[{"count":0,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts\/128060\/revisions"}],"wp:attachment":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=128060"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=128060"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=128060"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}