High Threat Security Alert (A23-07-06): Vulnerability in Apple Products


 

Published on: 11 July 2023

  
  

Description:

Apple has released security updates to fix a vulnerability in macOS and Safari. The list of vulnerability information can be found at:
https://support.apple.com/en-us/HT213825
https://support.apple.com/en-us/HT213826

Apple has released an emergency update to address a new arbitrary code execution vulnerability (CVE-2023-37450) which is being actively exploited. Users are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

Apple has released the security update macOS 13.4.1 (c) to address the arbitrary code execution vulnerability (CVE-2023-37450) which is being actively exploited. Users are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • macOS Ventura 13.4.1 and 13.4.1 (a)
  • Safari versions prior to version 16.5.2 on macOS Big Sur and macOS Monterey

For detailed information of the affected products, please refer to the corresponding security advisory at vendor's website.

 

Impact:

Successful exploitation of the vulnerability could lead to arbitrary code execution on an affected device.

 

Recommendation:

Patches for affected products are available. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://support.apple.com/en-us/HT213825
  • https://support.apple.com/en-us/HT213826
  • https://www.hkcert.org/security-bulletin/apple-products-remote-code-execution-vulnerability_20230711
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37450


Tag: Apple , macOS , Safari
Tags