Apple has released major security updates for its macOS and iOS systems in response to two actively exploited vulnerabilities. The updates, which address CVE-2024-44308 and CVE-2024-44309, are available now.
The vulnerabilities, identified by Google’s Threat Analysis Group, allow attackers to execute arbitrary code on Intel-based Mac systems through maliciously crafted web content. Apple urges users to apply the security patches immediately.
The company has also recently dealt with a new malware campaign targeting macOS users via phishing emails and fake PDF applications, which evaded some security measures. However, this is not directly related to the newly released updates.
Users across the Apple ecosystem are advised to update their devices to:
– iOS 18.1.1
– macOS Sequoia 15.1.1
– iOS 17.7.2
These patches bring a total of over 70 security fixes, with more details on each vulnerability available through links provided by Apple in its advisory.
Source: https://www.securityweek.com/apple-confirms-zero-day-attacks-hitting-intel-based-macs