Headline
Update now! Apple confirms vulnerabilities are already being exploited
Apple has released security updates that look especially important for Intel-based Macs because they are already being exploited in the wild.
Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS, Safari, and visionOS.
The updates for iOS and Intel-based Mac systems are especially important, as they tackle vulnerabilities that are being actively exploited by cybercriminals. You should make sure you update as soon as you can.
To check if you’re using the latest software version, go to Settings > General > Software Update. It’s also worth turning on Automatic Updates if you haven’t already, which you can do on the same screen.
To determine whether your Mac is Intel-based or equipped with Apple silicon, follow these simple steps:
Click the Apple icon in the top-left corner of your screen.
Select About This Mac.
Check the information:
If you see an item labeled Chip, your Mac has Apple silicon (like M1, M2, or M3).
If you see an item labeled Processor, it indicates that your Mac is Intel-based, and the specific Intel processor name will be listed next to it.
Technical details
Because Apple does not share details until everyone has had a chance to update, it is hard to figure out what the exact problem is. But there are some things we can deduct from the given information.
The vulnerabilities that Apple says may have been actively exploited on Intel-based Mac systems are:
CVE-2024-44308: a vulnerability in the JavaScriptCore component. Processing maliciously crafted web content may lead to arbitrary code execution. This means that an attacker will have to trick a victim into opening a malicious file containing web content.
JavaScriptCore is the built-in JavaScript engine for WebKit that enables cross-platform development by providing a way to execute JavaScript within native iOS and macOS applications.
CVE-2024-44309: a cookie management issue in the WebKit component was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross-site scripting attack.
We don’t just report on macOS security—we provide it.
Cybersecurity risks should never spread beyond a headline. Keep threats off your Mac by downloading Malwarebytes for Mac today.
Related news
Debian Linux Security Advisory 5823-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Clement Lecigne and Benoit Sevens discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems. Clement Lecigne and Benoit Sevens discovered that processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
Red Hat Security Advisory 2024-10492-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2024-10483-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2024-10472-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
Apple Security Advisory 11-19-2024-5 - macOS Sequoia 15.1.1 addresses code execution vulnerabilities.
Apple Security Advisory 11-19-2024-4 - iOS 17.7.2 and iPadOS 17.7.2 addresses code execution vulnerabilities.
Apple Security Advisory 11-19-2024-3 - iOS 18.1.1 and iPadOS 18.1.1 addresses code execution vulnerabilities.
Though the information regarding the exploits is limited, the company did report that Intel-based Mac systems have been targeted by cybercriminals looking to exploit CVE-2024-44308 and CVE-2024-44309.