Apple
Apple has released iOS 18.1.1, an emergency update for iPhones that should be installed immediately. This update addresses two major security vulnerabilities that are already being exploited.
Although Apple hasn’t provided much information about the fixes in iOS 18.1.1, it does emphasize the fact that there are These are an “important security fix” and are highly recommended for all users. The first vulnerability was tracked as CVE-2024-44308, which is in the framework JavaScriptCore.This could result in code execution if a user interacts with maliciously crafted web content. Apple notes that it may be actively exploited on Intel-based Mac systems.
CVE-2024-44309 The second is a WebKit vulnerability that, like the first, can lead to a cross-site scripting attack. This is actively exploited on Intel-based Mac systems.
The US cybersecurity infrastructure agency CISA also issued a warning. By recommending that all businesses and users update to iOS 18.1.1 or iOS 17.7.2 along with other Apple software updates, CISA emphasizes the importance of the update for attackers to take control of compromised systems. Affected and exploited vulnerabilities… that they can do
Although iOS 18.1.1 fixes only two vulnerabilities, it is considered quite serious. Experts like Sean Wright, Head of Application Security at Featurespace, warn that the vulnerability JavaScriptCore allows an attacker to remotely execute code on a victim’s machine. This can be used to attempt to redirect users to malicious sites or steal session tokens affecting browsers, including iPhone, iPad, and Mac.
