San Francisco, April 10: Apple has fixed two new zero-day security vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads, in its latest software update. According to BleepingComputer, the two zero-day security vulnerabilities were addressed in iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1, and Safari 16.4.1 with improved input validation and memory management.

The first security flaw is an IOSurfaceAccelerator that could lead to the corruption of data, a crash, or code execution. Successful exploitation enables attackers to execute arbitrary code with kernel privileges on targeted devices by using a maliciously crafted app, said the report. iPhone 15 Ultra Rear Design Leaked: Apple To Offer Smaller and Better Camera Bump.

The second zero-day vulnerability is a WebKit that allows data corruption or arbitrary code execution when freed memory is reused. An attacker can exploit this flaw by tricking targets into loading malicious web pages under their control, resulting in code execution on compromised systems.

Meanwhile, researchers have tracked 55 zero-day vulnerabilities that were exploited in 2022 by the hackers, mostly targeting Microsoft, Google and Apple products. Apple iPhone 15 Pro and iPhone 15 Pro Max New Design Leaks Immerge; Find All the Design Leaks Till Date Here.

According to information security company Mandiant report, products of Microsoft, Google and Apple made up the majority of zero-day vulnerabilities in 2022, consistent with the previous years, and the most exploited product types were operating systems (19), followed by browsers (11), security, IT, and network management products (10), and mobile OS (six).

(The above story first appeared on LatestLY on Apr 10, 2023 04:43 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).