Apple releases security updates to address multiple zero-day vulnerabilities across its product line

Apple has released security updates across its product line, including iOS, iPadOS, macOS, tvOS, watchOS, and Safari, in response to multiple security vulnerabilities.

The updated versions address numerous security flaws, including several zero-day vulnerabilities. These vulnerabilities could potentially be exploited by hackers to alter elements of the operating system or execute code at will.

One of these zero-day vulnerabilities, identified as CVE-2023-38606, allows an app to modify sensitive kernel state. Apple has received reports of this issue being actively exploited in versions of iOS released before iOS 15.7.1. Another critical issue pertains to WebKit and is tracked as CVE-2023-37450. According to Apple, processing web content could lead to arbitrary code execution, and this issue has also reportedly been actively exploited.

Since the start of 2023, Apple has addressed a total of 11 zero-day vulnerabilities affecting its software with this latest round of patches. Earlier in the month, Apple issued Rapid Security Response (RSR) updates to fix a bug (CVE-2023-37450) affecting fully-patched iPhones, Macs, and iPads. However, these updates were quickly withdrawn.