Apple has released security updates to fix two actively exploited vulnerabilities in its WebKit browser engine.

“Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1,” the company said in an advisory issued on Wednesday.

Buy Me a Coffee

The vulnerabilities, tracked as CVE-2023-42916 and CVE-2023-42917, could allow attackers to gain access to sensitive information or execute arbitrary code on affected devices.

CVE-2023-42916 is an out-of-bounds read vulnerability that could allow attackers to disclose sensitive information when processing web content. CVE-2023-42917 is a memory corruption vulnerability that could allow attackers to execute arbitrary code when processing web content.

READ
Apple Plans Major AI Overhaul for Siri, Aiming to Rival ChatGPT and Google Gemini Live