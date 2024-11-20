Key Takeaways Apple has rolled out security patches for JavaScriptCore and WebKit vulnerabilities across its multiple operating systems.

Hot off the heals of an entire week of new Mac hardware announcements , Apple has switched gears to plug a major security vulnerability found across its operating systems. According to the company, these vulnerabilities are related to its JavaScriptCore and WebKit web engine technologies, which underpin the functioning of internet access.

These patches come in the form of macOS Sequoia 15.1.1, iOS 18 .1.1, iPadOS 18.1.1, visionOS 2.1.1., and Safari 18.1.1. Apple has also gone ahead and pushed out updates to older systems running macOS Sequoia 15.x, iOS 17.x, and iPadOS 17.x.

With regard to the JavaScriptCore vulnerability, Apple says that "processing maliciously crafted web content may lead to arbitrary code execution." As for the WebKit security flaw, the company says that "processing maliciously crafted web content may lead to a cross site scripting attack."

In both cases, the company has addressed the exploits via "improved checks" and "improved state management." These x.x.1 security patches are now broadly available to all users via over-the-air (OTA) updates.

How serious are these security vulnerabilities?

It's unclear whether any real-world devices have been compromised

According to Apple, it's aware that the issue "may have been actively exploited on Intel-based Mac systems." There's no word on whether any Apple Silicon-based Macs or any of the company's mobile devices suffered active exploits, leaving much still up in the air. As is the nature of "zero day" exploits such as these, in which the vulnerability is initially unknown to the software company, information is still sparse while investigations take place.

Interestingly, it appears that it's Google that initially brought these security weak points to light.

Apple's swift response to these security vulnerabilities is great to see -- especially its commitment to patching out the exploits on older devices not running the latest versions of macOS, iOS, and iPadOS. In any case, it's highly recommended that all Apple users download and install these latest security patches to stay as protected and risk-free as possible.

