Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities


Apple has released urgent updates for iOS, iPadOS, macOS, visionOS, and Safari to patch two actively exploited zero-day vulnerabilities:

CVE-2024-44308 (CVSS 8.8): A JavaScriptCore flaw enabling arbitrary code execution via malicious web content.

CVE-2024-44309 (CVSS 6.1): A WebKit cookie management issue allowing cross-site scripting (XSS) attacks.

Discovered by Google's TAG researchers, these vulnerabilities likely target Intel-based Macs in spyware attacks. Affected devices include iPhones, iPads, Macs, and Apple Vision Pro. Users are urged to update to the latest versions to mitigate risks.

Read More


thumb-image

Solutions