1.0 Introduction
Recently, Apple has released security updates to address a critical zero-day vulnerability found in the WebKit web browser engine.
2.0 Impact
A cyber threat actor could exploit some of these vulnerabilities to escape from Web Content sandbox and could potentially allow unauthorized actions.
3.0 Affected Products
- iPhones: iPhone XS and later
- iPads: iPad Pro 13-inch, iPad Pro 12.9-inch (3rd gen and later), iPad Pro 11-inch (1st gen and later), iPad Air (3rd gen and later), iPad (7th gen and later), iPad mini (5th gen and later)
- Macs running macOS Sequoia, macOS Ventura and macOS Sonoma
-
Apple Vision Pro
4.0 Recommendations
CyberSecurity Malaysia encourages users and administrators to review the
Apple security release
and apply the necessary updates:
Kindly refer to the following URLs for more information:
- https://support.apple.com/en-us/122285
- https://support.apple.com/en-us/122281
- https://support.apple.com/en-us/122283
- https://support.apple.com/en-us/122284
- https://support.apple.com/en-us/122174
- https://support.apple.com/en-us/122173
Generally, we advise users to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact the Cyber999 Incident Response Centre through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17:30 MYT
Web:
https://www.mycert.org.my
5.0 References