top of page

Cyber Bites

Critical updates for most Apple Devices

Apple released critical updates on Wednesday for most of their devices.

Among other things, these updates address two zero-day threats that have been weaponized in a mobile surveillance campaign called Operation Triangulation which has been active since 2019.

Also addressed is a third zero-day which could result in arbitrary code execution when processing malicious web content.

If you have any of the following Apple Operating systems or Devices, update as soon as possible.

  • iOS 16.5.1 and iPadOS 16.5.1 - iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

  • iOS 15.7.7 and iPadOS 15.7.7 - iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

  • macOS Ventura 13.4.1, macOS Monterey 12.6.7, and macOS Big Sur 11.7.8

  • watchOS 9.5.2 - Apple Watch Series 4 and later

  • watchOS 8.8.1 - Apple Watch Series 3, Series 4, Series 5, Series 6, Series 7, and SE, and

  • Safari 16.5.1 - Macs running macOS Monterey

That makes nine Apple zero-day fixes for 2023.

CVEs: CVE-2023-32439, CVE-2023-32434, CVE-2023-32435

Definitions

zero-day- A software security flaw that is unknown to the software vendor and for which there is no patch or fix available. Attackers can exploit zero-day vulnerabilities to gain unauthorized access to systems or data, and to carry out other malicious activities.

Source: Apple

Would you like a free, no-obligation Cybersecurity Benchmarking of your organization showing where you stand vs. industry-accepted practices? Click here to schedule a time with one of our associates.

Kommentare


bottom of page