Apple has recently released critical security updates to address three newly discovered zero-day vulnerabilities that were actively exploited to compromise iPhones and Macs.
The released security updates fix three zero-day vulnerabilities including:
CVE-2023-32409
CVE-2023-28204
CVE-2023-32373
Security Risks
Successful exploitation of the three new zero-day vulnerabilities enables attackers to exploit the vulnerabilities, potentially resulting in unauthorized access, data breaches, and compromised device security.
For the full list of security updates released by Apple, please refer to Apple Security Updates.
Recommended Actions
The National Cyber Security Authority (NCSA) recommends users and system administrators to:
1. Upgrade, as soon as possible, to the latest supported version of installed Apple software in order to continue receiving technical support and security patches.
The released software versions to upgrade to are the following but no limited to:
iOS 16.5 and iPadOS 16.5 : for iPhone 8 and later, iPad Pro (all models), iPad Air 3rd Gen. and later, iPad 5th generation and later, and iPad mini 5th Gen. and later.
iOS 15.7.6 and iPadOS 15.7.6: for iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st Gen.), iPad Air 2, iPad mini (4th Gen.) and iPod touch (7th Gen.).