Apple has released a critical Zero-Day Patch for iPhones and Macs to fix vulnerabilities actively exploited in the wild. Users are urged to update immediately for enhanced protection. Apple has fixed a number of other zero-day flaws overall in the past few months.
WebKit has been a common target for threat actors as many previously exploited vulnerabilities have been reported in this component, WebKit is the web browser engine developed by Apple and used by many other apps on macOS, and iOS.
Apple Releases Rapid Security Response Updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day patch, specifically for tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3 to fix actively Exploited Vulnerability.
Apple Patch Updates address Zero Day Vulnerabilities targeting iPhones, iPads, Macs and Safari web browsers. The Rapid Security Response updates address fixes for actively exploited vulnerabilities, CVE-2024-23222 WebKit web browser engine flaws.
The best way is always to keep Apple devices updated with the latest patches. Also, IT Admins can force critical macOS, and iOS patches and enable Compliance policy if they manage the devices with Intune to ensure all the devices are compliant and secure to be attacked by any remote attacker, More about Force Safari Patch Updates On MacOS.
- Easy Method To Force Safari Patch Updates On MacOS Using Intune
- Enable Automatic Updates For MacOS Devices Using Intune
Apple Zero-Day Patch Update Fix Vulnerabilities
Rapid Security Responses are a new type of software release for iPhone, iPad, and Mac. Apple is aware of a report that this issue may have been exploited. The Rapid Security Responses (RSR) were released to mitigate some security issues more quickly, such as issues that might have been exploited or reported to exist “in the wild.”
Apple is aware of a report that this issue may have been exploited. The issue tracked with CVE-2024-23222 is a type of confusion issue that was addressed with improved checks in the WebKit browser engine, Zero-Day Patch. Processing maliciously crafted web content may lead to arbitrary code execution.
Platform | Impact | Descriptions | CVE-ID |
---|---|---|---|
tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. | Processing maliciously crafted web content may lead to arbitrary code execution | A type confusion issue was addressed with improved checks. | CVE-2024-23222 |
Apple Releases Rapid Security Response Updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day patch, specifically for tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3.
Name and information link | Available for | Release date |
---|---|---|
Safari 17.3 | macOS Monterey and macOS Ventura | 22 Jan 2024 |
iOS 17.3 and iPadOS 17.3 | iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later | 22 Jan 2024 |
iOS 16.7.5 and iPadOS 16.7.5 | iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation | 22 Jan 2024 |
iOS 15.8.1 and iPadOS 15.8.1 | iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) | 22 Jan 2024 |
macOS Sonoma 14.3 | macOS Sonoma | 22 Jan 2024 |
macOS Ventura 13.6.4 | macOS Ventura | 22 Jan 2024 |
macOS Monterey 12.7.3 | macOS Monterey | 22 Jan 2024 |
watchOS 10.3 | Apple Watch Series 4 and later | 22 Jan 2024 |
tvOS 17.3 | Apple TV HD and Apple TV 4K (all models) | 22 Jan 2024 |
Important to Keep Apple Devices Up to Date
To download macOS software updates, choose Apple menu > System Settings, click General in the sidebar (you may need to scroll down), then click Software Update on the right for Zero-Day Patch.
Clicking on the Update Now, You can see Windows appearing with the Information and updates that are available for your Mac with Version and size details. You can click on the Install Now button to start installing the updates.
Note – New Rapid Security Responses are delivered only for the latest versions of iOS, iPadOS, and macOS, starting with iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1.
By default, your device automatically applies Rapid Security Responses. If necessary, you will be prompted to restart your device. To check your device settings, follow the steps below.
If you want to enable the automatic updates for your device, You can simply click on the Automatic Updates (i) button to get the offered options for you, then make sure that “Install Security Responses and system files” is turned On. Here you can set it up the following option to offer automatic update
- Check for updates
- Download new updates when available
- Install macOS updates
- Install application updates from the App Store
- Install Security Response and system files
Do you have supervised iOS devices managed through Intune? If so, you may be aware that iOS software updates will force installation updates on supervised mode iOS devices. Intune has a policy to prevent/delay these force updates, How To Schedule IOS Automatic Updates Using Intune Policies.
Manage macOS Software Updates using Intune
Intune policy for macOS software updates allows you to remotely manage how downloads, installations, and notifications should occur when the updates are available for macOS, You can manage macOS Updates Using Intune Policy.
You can check the Software Update Status for macOS Devices with the following steps to help you monitor and troubleshoot issues with software updates installation on macOS. Here’s how to get the details status specific to the device in Intune, Monitor MacOS Update Installation Status.
Once you click on the update, you will get a detailed report of the updates. For example, The device is installing macOS Security Response Zero-Day Patch. The Update Category status, update category, Version, and Last updated are displayed here.
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.
Author
About Author – Jitesh, Microsoft MVP, has over six years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10/11 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.