Quick Hits

Apple Releases Security Update for Webkit Flaw

A Webkit use-after-free vulnerability in iOS, iPadOS, Monterey, and Safari may already have been exploited, Apple said in a security advisory issued today.

Apple released security updates today for iOS, macOS, and iPadOS that fix a flaw in Webkit that "may have been actively exploited," the vendor said.

The use-after-free vulnerability (CVE-2022-22620) could allow an attacker to use malicious Web content to execute malicious code. Apple released security updates for Safari 15.3 (v. 16612. and 15612. for macOS Big Sur and Catalina, macOS Monterey 12.2.1, and iOS 15.3.1 and iPadOS 15.3.1.

Apple said in its advisory that the Webkit flaw was fixed in each update "with improved memory management."