Apple patches two zero-days used to target iOS users (CVE-2023-42916 CVE-2023-42917) | allinfosecnews.com

Dec. 1, 2023, 9:23 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

With the latest round of security updates, Apple has fixed two zero-day WebKit vulnerabilities (CVE-2023-42916, CVE-2023-42917) that “may have been exploited against versions of iOS before iOS 16.7.1.” About the vulnerabilities (CVE-2023-42916, CVE-2023-42917) CVE-2023-42916 is a out-of-bounds read flaw, while CVE-2023-42917 is a vulnerability allowing for exploitable memory corruption. Both affect WebKit, the Apple-developed browser engine used by the company’s Safari web browser and all web browsers on iOS and iPadOS. CVE-2023-42916 may lead to … More →

The post …

0 day apple corruption cve cve-2023-42916 cve-2023-42917 don't miss exploited flaw hot stuff ios ios 16 ipad latest macos may memory memory corruption out-of-bounds patches security security update security updates target updates vulnerabilities vulnerability webkit zero-day zero-days

More from www.helpnetsecurity.com / Help Net Security

Adaptive Shield unveils SaaS security for AI 6 hours ago | www.helpnetsecurity.com

adaptive shield and response applications apps +28

Onyxia launches AI-powered predictive insights to optimize security management 6 hours ago | www.helpnetsecurity.com

address ai-powered can challenges +24

Island raises $175 million at $3 billion valuation 6 hours ago | www.helpnetsecurity.com

capital coatue financing funding +10

Synopsys Polaris Assist automates repetitive, time-consuming tasks for security and development teams 7 hours ago | www.helpnetsecurity.com

ai-powered application application security assistant +30

FCC fines major wireless carriers over illegal location data sharing 7 hours ago | www.helpnetsecurity.com

access att carriers communications +26

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades 7 hours ago | www.helpnetsecurity.com

alto attackers aware concept +24

Cybersixgill Third-Party Intelligence module identifies potential supply chain risks 8 hours ago | www.helpnetsecurity.com

action cyber cybersecurity cybersixgill +25

ESET launches two MDR subscription tiers for SMBs and enterprises 10 hours ago | www.helpnetsecurity.com

and response businesses detection detection and response +15

ThreatX provides always-active API security from development to runtime 11 hours ago | www.helpnetsecurity.com

api api security application application protection +19

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineer - Vulnerability Management

@ Starling Bank | Southampton, England, United Kingdom

View on infosec-jobs.com

Manager Cybersecurity

@ Sia Partners | Rotterdam, Netherlands

View on infosec-jobs.com

Compliance Analyst

@ SiteMinder | Manila

View on infosec-jobs.com

Information System Security Engineer (ISSE)-Level 3, OS&CI Job #447

@ Allen Integrated Solutions | Chantilly, Virginia, United States

View on infosec-jobs.com

Enterprise Cyber Security Analyst – Advisory and Consulting

@ Ford Motor Company | Mexico City, MEX, Mexico

View on infosec-jobs.com