Apple has just dropped some new updates for all their cool stuff like iPhones, iPads, Macs, and even that fancy Vision Pro headset, along with their web browser, Safari. These updates are like super important because they fix two really big security problems that some bad peeps might have already been using.
The first issue, CVE-2024-44308, is in something called JavaScriptCore, which is like the brain that lets websites do fancy stuff. If you go on a sketchy site, it could let those bad guys run their own code on your phone or computer. Apple says they've made it stronger so it won't let that happen anymore.
The second problem, CVE-2024-44309, is all about cookies in WebKit. This isn't the kind you eat, but the kind that lets websites remember you. Someone could trick you with some nasty web content and use it to pull off a cross-site scripting attack, which is basically digital trickery to mess with your stuff. But Apple has updated it to keep your cookies safe from those sneaky attacks.
These two problems are kind of a big deal because Apple said that people have actually been using them to do some shady business on Intel-based Macs. Yikes!
Google's Threat Analysis Group, with two dudes named Clément and Benoît, found these issues, so it's probably like those high-level spy hacks you see in the movies, but real. They told Apple about it, and now the updates are out to stop anyone else from using these tricks.
The updates are for:
- iOS 18.1.1 and iPadOS 18.1.1 for the newer iPhones and iPads.
- iOS 17.7.2 and iPadOS 17.7.2 for the slightly older ones.
- macOS Sequoia 15.1.1 if you're on a Mac.
- visionOS 2.1.1 if you've got the new Apple Vision Pro.
- And Safai 18.1.1 if you're rocking a Mac with macOS Ventura or macOS Sonoma.
Apple has fixed four of these zero-day things this year, with one being shown off at some hacking contest called Pwn2Own.
So, if you wanna keep your devices safe from digital creepers, you should totally update to the newest version as soon as you can. It's like updating your antivirus but way more Apple-y.