Skip to main content

Apple says iOS 14.5.1 and macOS 11.3.1 patch WebKit flaws that may have been actively exploited

posted onMay 4, 2021
by l33tdawg
9 to 5 Mac
Credit: 9 to 5 Mac

Apple released updates for iPhone, iPad, Mac, and Apple Watch today with multiple security updates. The patched flaws involved malicious web content that could lead to arbitrary code execution – and Apple says they may have been actively exploited.

Apple released iOS 14.5.1 and iOS 12.5.3, macOS 11.3.1, and watchOS 7.4.1 today with the primary changes being security fixes (App Tracking Transparency bug fix for iOS too). So be sure to install the newest updates to get the latest protection.

In support documents, Apple detailed the web flaws that were fixed. The first flaw meant that “Processing maliciously crafted web content may lead to arbitrary code execution.” Memory corruption was at play here and Apple says it fixed the issue with “improved state management.” A second flaw also dealt with the same potential for malicious web content potentially executing arbitrary code and Apple says it also may have been exploited in the wild. On this one, Apple solved the problem with an integer overflow and “improved input validation.”

Source

Tags

Apple Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th