Skip to main content

Security Alert: Apple zero-day vulnerabilities

Date:
2022-02-11 13:30:00
Status:
Closed
Brief Description:
A zero-day vulnerability in Safari/WebKit for macOS/iOS/iPadOS may allow an attacker to run malicious code on an Apple device by directing a victim to a malicious web page. Apple states this vulnerability is being actively exploited. Update now.
Current Status:
N/A
Services Affected:
Certified Desktop
Full Description:
A zero-day vulnerability in Safari/WebKit for macOS/iOS/iPadOS may allow an attacker to run malicious code on an Apple device by directing a victim to a malicious web page. Apple states this vulnerability is being actively exploited. Update now.

Users should apply the following updates:
• macOS 12.2.1 Monterey (or the latest Safari update for macOS 10.15 or macOS 11)
• iOS 15.3.1
• iPadOS 15.3.1

Managed macOS computers enrolled with Certified Desktop will automatically check for and apply updates, but users must manually restart their Mac when prompted. Users are urged to restart to apply updates as soon as possible. Updates can be applied manually from System Preferences > Software Update.

Versions of macOS older than macOS 10.15 Catalina are unsupported. Computers should be updated to a supported version of macOS.

For more information refer to the references below.
ThreatPost: https://threatpost.com/apple-patches-actively-exploited-webkit-zero-day/178370
Apple Security Updates: https://support.apple.com/en-us/HT201222
CIT TDX ID: