Advertisement
Australia markets closed
  • ALL ORDS

    8,491.50
    -7.20 (-0.08%)
     
  • ASX 200

    8,214.50
    -8.50 (-0.10%)
     
  • AUD/USD

    0.6753
    +0.0010 (+0.14%)
     
  • OIL

    75.49
    -0.36 (-0.47%)
     
  • GOLD

    2,674.20
    +34.90 (+1.32%)
     
  • Bitcoin AUD

    93,434.91
    +327.85 (+0.35%)
     
  • XRP AUD

    0.80
    -0.00 (-0.12%)
     
  • AUD/EUR

    0.6170
    +0.0011 (+0.18%)
     
  • AUD/NZD

    1.1044
    -0.0010 (-0.09%)
     
  • NZX 50

    12,845.64
    +91.06 (+0.71%)
     
  • NASDAQ

    20,271.97
    +30.21 (+0.15%)
     
  • FTSE

    8,253.65
    +15.92 (+0.19%)
     
  • Dow Jones

    42,863.86
    +409.74 (+0.97%)
     
  • DAX

    19,373.83
    +162.93 (+0.85%)
     
  • Hang Seng

    21,251.98
    +614.74 (+2.98%)
     
  • NIKKEI 225

    39,605.80
    +224.91 (+0.57%)
     

Apple releases security updates for iOS, iPadOS and macOS, fixing two actively exploited zero-days

Image Credits: Darrell Etherington / TechCrunch

Apple has released security updates for iPhones, iPads and Macs to patch against two vulnerabilities, which the company says are being actively exploited to hack people.

The technology giant rolled out new software updates, iOS and iPadOS 17.1.2, and macOS 14.1.2, following a vulnerability disclosure by security researchers at Google's Threat Analysis Group, which investigates government-backed cyberattacks.

In the updates rolled out Thursday, Apple said it fixed two vulnerabilities in WebKit, the browser engine that powers Safari and other apps. The vulnerabilities allow for hackers to remotely plant malicious code, such as spyware, on the person’s device over the internet. The bug is called a "zero-day" because the vendor is given no time, or zero days, to fix the vulnerability before it is actively exploited.

"Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1," Apple said in its security advisories, referring to the iPhone software released on October 11.

Apple also rolled out an update to its browser, Safari 17.1.2, for users running older versions of macOS Monterey and macOS Ventura, the company said.

It's not known who is exploiting these new zero-day vulnerabilities. Google has not yet attributed the exploitation to a particular malicious actor or government. Apple and Google did not provide further details of the vulnerabilities.

Earlier this week, Google patched its own zero-day vulnerability in Google Chrome, which the search giant said it was aware that an exploit for the vulnerability "exists in the wild." Google security researcher Maddie Stone said in a post on X, formerly Twitter, that the Chrome bug was fixed within four days. Apple fixed the bug reported by Google's researchers in just under a week.

Read more on TechCrunch: