Apple addressed a third zero-day in 2022, which is actively exploited | #CyberSecurity #NobodyIsPerfect  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
From securityaffairs.co - February 11, 2022 8:35 AM

Apple addressed a new WebKit zero-day affecting iOS, iPadOS, macOS, and Safari that may have been actively exploited in the wild.


Apple has addressed a zero-day vulnerability, tracked as CVE-2022-22620, in the WebKit affecting iOS, iPadOS, macOS, and Safari that may have been actively exploited in the wild.

This is the third zero-day vulnerability fixed by the IT giant this year.

The flaw is a use after free issue that could be triggered by processing maliciously crafted web content, leading to arbitrary code execution

“Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.” reads the security advisory published by Apple. “A use after free issue was addressed with improved memory management.”

The vulnerability was reported by an anonymous researcher, the company addressed it by improving the memory management.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security