Apple Releases Critical Security Patch to Address Zero-Day Vulnerability
Apple has issued a Rapid Security Response (RSR) update to fix a zero-day vulnerability that reportedly affects fully-patched Apple devices, including iPhones, Macs, and iPads. The flaw, tracked as CVE-2023-37450, is an arbitrary code execution bug in the WebKit browser engine, which could allow threat actors to run malicious code on targeted devices by tricking victims into visiting malicious websites.
Apple’s security advisory stated that the company is aware that the vulnerability may have been actively exploited. To address the issue, Apple implemented improved checks to mitigate the exploitation attempts.