WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities

Apple on Thursday rolled out security updates
<https://support.apple.com/en-us/HT201222> to iOS, iPadOS, macOS, tvOS,
watchOS, and the Safari web browser to address three new zero-day flaws
that it said are being actively exploited in the wild.

The three security shortcomings are listed below --

   - CVE-2023-32409 - A WebKit flaw that could be exploited by a malicious
   actor to break out of the Web Content sandbox. It was addressed with
   improved bounds checks.
   - CVE-2023-28204 - An out-of-bounds read …

actively exploited address apple attack browser cve cve-2023-32409 emergency exploited flaw flaws patches safari security security updates under updates vulnerabilities watchos web web browser webkit zero-day zero-day flaws zero-day vulnerabilities