Apple has rolled out security updates for iPhones, iPads, and Macs to fix two critical vulnerabilities that could lead to the exposure of users’ information and malicious code execution.
Apple said it was aware of reports that they may have been actively exploited before being discovered by Clément Lecigne of Google’s Threat Analysis Group.
The first vulnerability is caused by an out-of-bounds read that could lead to the disclosure of sensitive information when processing web content. Apple said its patch for the issue improved input validation.
The second vulnerability relates to a memory corruption issue that could allow for executing arbitrary code when processing web content. This was patched with improved locking, Apple said.
The security updates carry version 17.1.2 on iOS and iPadOS, and 14.1.2 on MacOS Sonoma.
They are available for the following devices:
- iPhone XS and later
- iPad Pro 12.9-inch 2nd generation and later
- iPad Pro 10.5-inch
- iPad Pro 11-inch 1st generation and later
- iPad Air 3rd generation and later
- iPad 6th generation and later
- iPad Mini 5th generation and later
- All Macs that run MacOS Sonoma
Although the chances are small that the vulnerabilities might have impacted you, updating your device with the patches is recommended to minimise the chances of your device getting compromised.
To do this on an iPhone or iPad, navigate to Settings > General > Software Update and tap the prompt to install the latest available update.
Mac users will find their update under the Software Update in the General section of System Settings.