Apple users have been advised to update their devices as soon as possible because some vulnerabilities that can lead to users losing control of their devices to hackers who intend to steal personal information and install malware on vulnerable devices. Although these vulnerabilities were discovered early enough, and a patch was provided immediately, several users can still be impacted if they do not update their devices to fix these vulnerabilities.
The vulnerability tracked as CVE-2023-23529 exists due to a type confusion error when parsing web content in WebKit, which can allow a remote attacker to trick the victim into visiting a specially crafted website, triggering a type confusion error and executing arbitrary code on the target system.
CVE-2023-23514 exists due to a use-after-free error within the OS kernel, allowing a local application to trigger a use-after-free error and execute arbitrary code with kernel privileges. While CVE-2023-23522Â exists due to the insecure handling of temporary files in Shortcuts, which can allow a local application can gain unauthorized access to unprotected user data.
Although these vulnerabilities are being actively exploited in the wild, it’s eminent for all Apple iOS, iPad, and MacOS users to update their devices.
