Apple has released critical security updates to address a new zero-day vulnerability used in attacks to hack into iPhones, iPads and Mac computers
The patch is listed as CVE-2023-23529 and targets WebKit that can be exploited to trigger OS crashes.
A successful exploit allows attackers to run malicious code on devices running vulnerable versions of iOS, iPadOS, and macOS.
The full list of affected devices is quite extensive, as the bug affects both older and newer models, and includes:
• iPhone 8 and later
• iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
• Macs running macOS Ventura
Today, Apple also patched a kernel exploit (CVE-2023-23514) reported by Xinru Chi of Pangu Labs and Ned Williamson of Google Project Zero that could lead to malicious code with kernel privileges on Macs and iPhones.
It is recommended to update as soon as possible.