"Apple Patches WebKit Code Execution in iPhones, MacBooks"
Apple’s product security response team recently rolled out patches to cover numerous serious security vulnerabilities affecting users of its flagship iOS and macOS platforms. Apple warned that the most serious documented vulnerabilities affect WebKit and can expose iOS and macOS devices to code execution attacks via booby-trapped web content. On the mobile side, Apple pushed out iOS and iPadOS 16.3 with fixes for more than a dozen documented security defects in a range of operating system components. These include a trio of WebKit rendering engine bugs that expose devices to arbitrary code execution. Apple noted that the WebKit flaws also affect users of Apple’s macOS Ventura, Monterey, and Big Sur operating systems. The iOS and iPadOS 16.3 update also fixes privacy and data exposure vulnerabilities in AppleMobileFileIntegrity, ImageIO, kernel, Maps, Safari, Screen Time, and Weather. Apple also rolled out macOS Ventura 13.2 with patches for about 25 documented vulnerabilities, some severe enough to cause code execution attacks.
SecurityWeek reports: "Apple Patches WebKit Code Execution in iPhones, MacBooks"