Apple Releases Emergency Patch Due to Zero-day Attacks for iOS, iPadOS and MacOS

Apple has released a new Rapid Security Response (RSR) update to address zero-day vulnerabilities, (photo: dock. apple)

JAKARTA - Apple has released a new Rapid Security Response (RSR) update to address a zero-day vulnerability, which it claims is being actively exploited.

"This RSR provides important security fixes and is recommended for all users," Apple said in a warning on the company's official website.

The vulnerability, identified as CVE-2023-37450, affects iPhone, Mac and iPad users. It also has the potential to compromise the security and integrity of those devices.

According to an anonymous security researcher's report, Apple is aware that the issue is being actively exploited at this time.

The vulnerability was identified in the WebKit browser engine developed by Apple and used by Mozilla and Google on iOS.

The vulnerability patches include macOS Ventura 13.4.1, iOS 16.5.1, iPadOS 16.5.1 and Safari 16.5.2. If not addressed soon, the vulnerability could be exploited to trick users into visiting web pages containing specially crafted content with harm in it.

However, the company says this security vulnerability has been addressed with enhanced checks to reduce exploit attempts.

RSR patches have been introduced as a compact update designed to address security issues in Apple products and they serve to resolve security issues that appear between major software updates.

If users disable automatic updates or do not install RSR when offered, their device will be patched as part of a future software upgrade.

Launching BleepingComputer, Tuesday, July 11, earlier this month, Apple also handled three zero-days namely CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439 which were exploited to spread Triangulation spyware on iPhones through a zero- click iMessage.