Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)

Apple has released emergency security updates for macOS Sequoia that fix two zero-day vulnerabilities (CVE-2024-44309, CVE-2024-44308) that “may have been actively exploited on Intel-based Mac systems”. About CVE-2024-44309 and CVE-2024-44308 CVE-2024-44309 affects WebKit, the browser engine used in the Safari web browser and all iOS and iPadOS web browsers, and can be triggered when it’s made to process maliciously crafted web content. It can enable a cross site scripting (XSS) attack. CVE-2024-44308 affects JavaScriptCore – … More

The post Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) appeared first on Help Net Security.

20 November 2024


>>More