From CNET: Apple is recommending Mac users update their systems after revealing that hackers exploited two vulnerabilities in its software.
The company issued two bug fixes on Tuesday addressing issues in WebKit and JavaScriptCore, which power Safari and other web content. WebKit, in particular, is a major target for hackers aiming to exploit the engine to infiltrate devices and gain access to private data.
In the first instance, Apple said one issue stemmed from "processing maliciously crafted web content," which can lead to an attacker running unauthorized code on a system. The problem was addressed through enhanced validation checks, according to Apple. The second issue involved a cross-site scripting attack. Apple said it resolved the vulnerability by improving cookie state management.
The company noted that it is aware of reports indicating these issues may have been actively exploited on Intel-based Mac systems. Apple also rolled out a security update for the iPad and iPhone related to the same vulnerabilities.
View: Full Article
