New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products


On Tuesday, Apple released security patches for the Safari web browser, iOS, iPadOS, macOS, and tvOS to fix a brand-new zero-day vulnerability that could lead to the execution of malicious code. “Aware of a report that this issue may have been aggressively exploited against versions of iOS published before iOS 15.1,” the company stated.

The problem, identified as CVE-2022-42856, is a type confusion flaw in the WebKit browser engine that might be triggered while processing specially designed information and result in arbitrary code execution, according to the tech giant.

Read More…