Apple warns 2 macOS zero-day vulnerabilities under attack
searchsecurity.techtarget.comThe macOS Sequoia vulnerabilities are the latest to be targeted and exploited by threat actors as cybersecurity vendors report a shift in the landscape.
- Arielle Waldman, News Writer
Apple disclosed and patched two zero-day vulnerabilities in macOS Sequoia that have been exploited in the wild.
In a security update published on Tuesday, Apple disclosed and released patches for two zero-day vulnerabilities, tracked as CVE-2024-44308 and CVE-2024-44309, that were addressed in macOS Sequoia version 15.1.1. Apple credited Clément Lecigne and Benoît Sevens, security engineers for Google's Threat Analysis Group (TAG), with discovering both flaws.
Both flaws are triggered when users interact with a malicious webpage. Exploitation of CVE-2024-44308 could lead to arbitrary code execution and threat actors who exploit CVE-2024-44309 could conduct cross site scripting attacks.
"Apple is aware of a report that this issue may have been actively exploited on Intel-based ...
Copyright of this story solely belongs to searchsecurity.techtarget.com . To see the full text click HERE