Apple fixed and re-released emergency security updates addressing a WebKit zero-day vulnerability that was exploited in attacks and fixed the issue that prevented some websites from displaying properly.
The released security updates fix a zero-day vulnerability:
CVE-2023-37450
Security Risks
The identified zero-day vulnerability in WebKit poses a significant security risk. Exploiting this vulnerability allows attackers to execute arbitrary code by tricking users into opening maliciously crafted web pages. It's crucial to promptly update systems with the provided patch to mitigate the risk of potential attacks.
For the full list of security updates released by Apple, please refer to Apple Security Updates.
Recommended Actions
The National Cyber Security Authority (NCSA) recommends users and system administrators to:
1. Upgrade, as soon as possible, to the latest supported version of installed Apple software in order to continue receiving technical support and security patches.
The released software versions to upgrade to are the following:
Safari 16.5.2 : for macOS Big Sur and macOS Monterey.