[ad_1]
Apple on Thursday launched safety updates for iOS, iPadOS, macOS, and Safari to handle a brand new WebKit flaw that it stated might have been actively exploited within the wild, making it the corporate’s third zero-day patch for the reason that begin of the yr.
Tracked as CVE-2022-22620, the problem issues a use-after-free vulnerability within the WebKit element that powers the Safari internet browser and may very well be exploited by a chunk of specifically crafted internet content material to achieve arbitrary code execution.
“Apple is conscious of a report that this challenge might have been actively exploited,” the corporate stated in a terse assertion acknowledging in-the-wild assaults leveraging the flaw.
The iPhone maker credited an nameless researcher for locating and reporting the flaw, including it remediated the problem with improved reminiscence administration.
The updates can be found for iPhone 6s and later, iPad Professional (all fashions), iPad Air 2 and later, iPad fifth technology and later, iPad mini 4 and later, and iPod contact (seventh technology), macOS gadgets working Large Sur and macOS Catalina, and in addition as a standalone replace for Safari.
The most recent repair brings the tally of zero-day patches issued by Apple for 2022 to 3, together with CVE-2022-22587 and CVE-2022-22594, that might have been exploited to run arbitrary code and observe customers’ on-line exercise within the internet browser.
[ad_2]
