(The Epoch Times)—Apple has released urgent security updates for its iOS and other operating systems to patch against vulnerabilities that both the tech giant and U.S. cybersecurity officials warned could be actively exploited by hackers.
Apple’s security updates patch gaps in operating systems for the iPhone, iPad, and Mac products, as well as its Safari web browser, according to a series of security-related announcements on Nov. 19.
Specifically, the software updates target iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1, macOS Sequoia 15.1.1, Safari 18.1, and Safari 18.1.1.
Apple noted that in all the above-listed cases, the patches fix two significant vulnerabilities in WebKit and JavaScriptCore. These vulnerabilities, which could lead to arbitrary code-execution attacks through malicious web content, may have been exploited by hackers.
“Apple is aware of a report that this issue may have been actively exploited on Intel-based Macs,” the company wrote in several of the security alerts.
No information was available as to the possible identity of any cyber-threat actors who may have exploited these vulnerabilities. In general, if hackers are able to execute arbitrary code through maliciously crafted web content, this could put sensitive user data at risk, potentially leading to unauthorized access, stolen credentials, or even device control.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) also took note of the security gaps in the listed Apple products.
Similarly, iOS 17.7.2 and iPadOS 17.7.2 extend coverage to slightly older devices like the iPad Pro 10.5-inch and the iPad 6th generation.
Mac users running macOS Sequoia 15.1.1 or Safari on macOS Ventura and macOS Sonoma are also affected, as are early adopters of visionOS 2.1.1 on the Apple Vision Pro.
