Apple has released emergency security updates to address a zero-day vulnerability used to hack iPhones, iPads, and Macs. On the security update page, Apple said that it “is aware of a report that this issue may have been actively exploited”.
According to a Bleeping Computer report, the patch is tracked as CVE-2023-23529; the risk is from a WebKit confusion issue that could be exploited to trigger OS crashes and gain code execution on compromised devices. The company is yet to publish information regarding these attacks.
Apple has rolled out macOS 13.2.1, iOS 16.3.1, and HomePod Software 16.3.2 updates. These come three weeks after the release of macOS 13.2, which introduced security keys support with Apple. TechCrunch reported that there have been nine bugs in iOS since January 2022.