Apple released patches for a bug that it says “might have been exploited in a particularly subtle assault towards particular focused people,” citing a report.
The zero-day bug was present in WebKit, the browser engine powering Safari and different apps, and allowed hackers to interrupt out of WebKit’s protecting sandbox with “maliciously crafted internet content material,” per Apple. A sandbox is a part of the working system that, even when compromised, can maintain hackers from accessing knowledge in different elements of the system.
The patch was launched on Tuesday for Macs, iPhones and iPad, Safari, and its Vision Pro headset.
Contact Us
Do you’ve gotten extra details about Apple vulnerabilities, or cyberattacks towards Apple customers? From a non-work system and community, you possibly can contact Lorenzo Franceschi-Bicchierai securely on Sign at +1 917 257 1382, or through Telegram and Keybase @lorenzofb, or electronic mail. You can also contact TechCrunch through SecureDrop.
Apple famous that the assault was exploited towards gadgets working software program “earlier than iOS 17.2.”
Neither the hackers nor targets had been disclosed. Apple didn’t reply to a request for remark.
In February, Apple used the identical language — “a particularly subtle assault towards particular focused people” — for one more bug, however there is no such thing as a proof the 2 assaults are related. Earlier than that February patch, Apple had by no means used this wording earlier than.