The vulnerabilities may already be under active attack, Apple says in an advisory.
Apple has released several security updates to address vulnerabilities in multiple products including iOS, WatchOS and iPadOS.
Some of the new patches resolve WebKit flaws that can be exploited through "maliciously crafted web content" that could lead to arbitrary code execution, Apple officials write in an alert, noting attackers may already be using these in the wild.
"Apple is aware of a report that this issue may have been actively exploited," the company says in its advisory for WebKit vulnerabilities CVE-2021-30665 and CVE-2021-30663.
The updates address several problems, including buffer overflow and use after free issues on older iOS devices. Other updates patch a memory corruption issue and integer overflow on macOS and iOS.
CISA has also issued an advisory encouraging users and administrators to review the latest Apple security advisories and apply the necessary updates. "An attacker could exploit some of these vulnerabilities to take control of an affected device," the CISA warning says.
Last month, Apple issued a patch for a major security flaw in its newly released macOS 11.3.
The latest Apple advisories can be read here and the CISA release can be read here.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024