På mediet X har Center for Cybersikkerhed i dag opfordret alle med iPhone, iPad eller Macs til at opdatere til nyeste softwareversioner. Det sker på baggrund af tre fundne sårbarheder, som kan kompromittere enheder gennem f.eks. ondsindede hjemmesider.
Sårbarhederne er rettet i iOS og iPadOS 17.0.1 og macOS 13.6, som alle blev udsendt i går.
Sårbarhederne beskrives således af Apple
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, iPad mini 5th generation and later
Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: The issue was addressed with improved checks.
CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
Available for: macOS Ventura
Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: The issue was addressed with improved checks.
CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
De nyeste versioner lukker således det hul, som kan kompromittere ovenstående enheder, og som Center for Cybersikkerhed nu kraftigt opfordrer til at få opdateret.