Apple Patches Two More Zero-Day Flaws: Hackers 0, Apple 6!

Apple’s emergency security updates tackle two zero-day vulnerabilities affecting Intel-based Macs. The bugs in macOS Sequoia JavaScriptCore and WebKit threaten remote code execution and cross-site scripting. With these fixes, Apple has now patched six zero-day issues in 2024. Looks like bugs are the new apples to keep the vulnerabilities away!

3P
Published: November 19, 2024 9:53 pmAdded: November 19, 2024 at 2:11 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

**_Looks like Apple is treating zero-days like Pokémon—gotta catch ’em all before they wreak havoc on Intel-based Macs! With their emergency updates, Apple’s on a mission to make sure their users aren’t the ones saying, “Oh no, I got pwned!”_**

Key Points:

– Two zero-day vulnerabilities, CVE-2024-44308 and CVE-2024-44309, were exploited on Intel-based Mac systems.
– CVE-2024-44308 allows remote code execution via malicious web content; CVE-2024-44309 enables cross-site scripting.
– Security flaws fixed in macOS Sequoia 15.1.1 and corresponding updates in iOS, iPadOS, and visionOS.
– Discovered by Google’s Threat Analysis Group but with no further exploit details disclosed.
– Apple has tackled six zero-days in 2024, a reduction from 20 zero-days in 2023.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?