Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The US Cybersecurity and Infrastructure Security Agency has added two new Apple-related vulnerabilities to its catalogue and warned that they are both being actively exploited.
The first, CVE-2023-41064, is a buffer overflow vulnerability wherein a “maliciously crafted image” could lead to the execution of arbitrary code. This affects Apple products across its range, but it has been fixed in the following OS versions:
The second vulnerability, CVE-2023-41061, is a validation issue that could allow a malicious attachment to lead to arbitrary code execution. This flaw only affects Apple’s mobile devices, but it has been fixed in the following OS versions:
“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA said in a statement.
According to CISA, both vulnerabilities are still being analysed, but nonetheless, making sure your affected devices are running up-to-date operating systems should do the trick.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
