Apple Critical Zero-day Flaw Exposes iPhones & Macs

Apple has released its first zero-day vulnerability patch of 2024, which affected lots of Apple products, at the side of tvOS, iOS, iPadOS, macOS, and Safari. The zero-day is tracked below the CVE ID CVE-2024-23222, and the severity of this vulnerability is yet to be categorized.

Apple said that they are mindful about this vulnerability being exploited by threat actors within the wild and urges all users to patch their Apple products accordingly.

CVE-2024-23222 – Form Confusion Vulnerability

This vulnerability is associated with Form confusion, which arises when a helpful resource is accessed with an incompatible fashion that could per chance consequence in logical errors. A threat actor can exploit this vulnerability by crafting malicious online page, which could per chance consequence in arbitrary code execution on affected products.

Moreover, according to Apple’s security advisories, this vulnerability exists within the WebKit express and is prevalent on lots of Apple products, both oldschool ones and new ones. Merchandise tormented by this vulnerability encompass

• iPhone XS and later, iPad Pro 12.9-roam 2nd generation and later, iPad Pro 10.5-roam, iPad Pro 11-roam 1st generation and later, iPad Air 3rd generation and later, iPad sixth generation and later, and iPad mini fifth generation and later
• iPhone 8, iPhone 8 Plus, iPhone X, iPad fifth generation, iPad Pro 9.7-roam, and iPad Pro 12.9-roam 1st generation
• macOS Monterey, macOS Ventura and macOS Sonoma
• Apple TV HD and Apple TV 4K (all items)

Moreover, lots of diversified security updates were also published by Apple that patched lots of diversified vulnerabilities affecting diversified factors and products.

It is suggested that users of the total affected Apple products patch with the most up-to-date security updates to dwell the exploitation of those vulnerabilities by threat actors.