WWW.MACWORLD.COM
PSA: Update your Mac right now to patch this actively exploited zero-day flaw
MacworldAhead of the eagerly anticipated macOS 15.2 update, Apple on Tuesday released the macOS Sequoia 15.1.1 emergency update to patch a pair of scary vulnerabilities that have already been used in remote attacks.The two patches fix flaws in JavaScript and WebKit, and were both discovered by Googles Threat Analysis Group. Apple says both vulnerabilities may have been actively exploited on Intel-based Mac systems. Apple doesnt specifically say whether Apple silicon Macs are affected, but the same flaws were patched in iOS 18.1.1.JavaScriptCoreImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.Description: The issue was addressed with improved checks.WebKit Bugzilla: 283063CVE-2024-44308: Clment Lecigne and Benot Sevens of Googles Threat Analysis GroupWebKitImpact: Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.Description: A cookie management issue was addressed with improved state management.WebKit Bugzilla: 283095CVE-2024-44309: Clment Lecigne and Benot Sevens of Googles Threat Analysis GroupWhile the update is available for all Macs running macOS 15.1, there is no release for Macs running macOS Sonoma 14.7.1 or Ventura 13.7.1. Apple will likely patch the same vulnerabilities in those systems when macOS 15.2 arrives in December.To update your Mac, head over to System Settings, then General, Software Update, and select Update Now. Then follow the prompts to restart.
0 Поделились
41 Просмотры