Apple Addresses Web Content Execution Vulnerability in Safari, macOS Sequoia, iOS, iPadOS, and visionOS

Summary

The vulnerability CVE-2024-44308 has been addressed by Apple in Safari, macOS Sequoia, iOS, iPadOS, and visionOS. It is a web content execution vulnerability that could lead to arbitrary code execution. The issue has been fixed in various software versions, and Apple is aware of a report that it may have been actively exploited on Intel-based Mac systems. The vulnerability CVE-2024-44309 is another zero-day vulnerability in macOS Sequoia that has been exploited in the wild. It affects the WebKit browser engine and JavaScriptCore, potentially allowing for arbitrary code execution and cross-site scripting attacks. Apple has patched these vulnerabilities in various software versions to protect users. The potential impact of these vulnerabilities is severe, as they could be exploited to compromise systems and conduct targeted attacks.

News Articles

CybersecurityNews

CVE-2024-44308CVE-2024-44309

CISA Warns of Apple & Oracle Agile Vulnerabilities Exploited in Wild

CISA has issued an urgent advisory regarding three critical vulnerabilities affecting Apple and Oracle products.

23 hours ago

O'Grady's PowerPage

CVE-2024-44308

Tag: CVE-2024-44308

Following up on yesterday’s story about how Apple pushed major macOS, iOS, and iPadOS security updates out the door to cover a pair of vulnerabilities, it appears that the vulnerabilities are already being...

2 days ago

TechTarget

CVE-2024-44309CVE-2024-44308

Apple warns 2 macOS zero-day vulnerabilities under attack | TechTarget

Apple published a security update with limited details on zero-day vulnerabilities CVE-2024-44308 and CVE-2024-44309 in macOS Sequoia.

3 days ago

More News...