Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS, Safari, and visionOS.
To check if you’re using the latest software version, go to Settings (or System Settings) > General > Software Update. It’s also worth turning on Automatic Updates if you haven’t already, which you can do on the same screen. Noteworthy is a vulnerability in the open-source XML parser libexpat tracked as CVE-2024-45490. This vulnerability has been patched in several popular applications since it was discovered in August.
Read more…
Source: Malwarebytes Labs
Related:
- Cisco Releases Security Updates for Multiple Products
March 3, 2022
Cisco has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates: Cisco Expressway ...
- Chrome Zero-Day Under Active Attack – Patch ASAP
February 15, 2022
Google on Monday issued 11 security fixes for its Chrome browser, including a high-severity zero-day bug that’s actively being jumped on by attackers in the wild. In a brief update, Google described the weakness, tracked as CVE-2022-0609, as a use-after-free vulnerability in Chrome’s Animation component. This kind of flaw can lead to all sorts of misery, ...
- Patch now: Adobe releases emergency fix for exploited Commerce, Magento zero-day
February 14, 2022
Adobe has released an emergency patch to tackle a critical bug that is being exploited in the wild. On February 13, the tech giant said that the vulnerability impacts Adobe Commerce and Magento Open Source, and according to the firm’s threat data, the security flaw is being weaponized “in very limited attacks targeting Adobe Commerce merchants.” Tracked as CVE-2022-24086, ...
- Apple patches new zero-day exploited to hack iPhones, iPads, Macs
February 11, 2022
Apple has released security updates to fix a new zero-day vulnerability exploited in the wild by attackers to hack iPhones, iPads, and Macs. The zero-day patched today is tracked as CVE-2022-22620 and is a WebKit Use After Free issue that could lead to OS crashes and code execution on compromised devices. Successful exploitation of this ...
- Microsoft manages a mere 51 security fixes for February update bundle
February 9, 2022
Microsoft for its February Patch Tuesday gave Windows admins just 51 fixes to apply, the smallest number of patches since the meager ration of 44 in August 2021. February tends to be a slow month for repairs because bugs left untended over the winter holidays often get dealt with in January, leaving not all that much ...
- Open-source Kubernetes tool Argo CD has a high-severity path traversal flaw: Patch now
February 4, 2022
A zero-day vulnerability in open-source Kubernetes development tool Argo lets malicious people steal passwords from git-crypt and other sensitive information by simply uploading a crafted Helm chart. Charts are the actual packaging format of ubiquitous tool-for-managing-Kubernetes applications Helm. The vuln, tracked as CVE-2022-24438, exists in Argo CD, a widely used open-source continuous delivery tool for Kubernetes. Patched ...