PSA: Safari Security Flaw 'Actively Exploited,' Update Your Apple Devices Now
This week, Apple released critical software updates for Safari which fix a security flaw that exists in the browser across iPhone, iPad, and Mac platforms. Here's what you need to know.
Specifically, the platform-wide fix is for a vulnerability in Safari's WebKit engine that Apple believes may have been "actively exploited" in the wild by hackers.
The flaw, according to Apple, could allow bad actors to "process maliciously crafted web content" that may lead to "arbitrary code execution."
An additional fix that exists in the latest update for macOS Monterey, 12.5.1, relates to a vulnerability that may allow an application to "execute arbitrary code with kernel privileges."
In other words, it could allow hackers to access the deepest layer of the operating system and take complete control of the affected device. Apple says it is aware of a report that this issue may also have been actively exploited.
If you haven't updated already, it's important to do so at the earliest opportunity. The latest critical updates are as follows:
To update your iPhone or iPad, head to Settings -> General -> Software Update. To update your Mac, open System Preferences and select the Software Update preference pane.
Popular Stories
Apple and Meta have opposed a Canadian bill that the companies say could force them to create backdoor access to encrypted user data, should it pass through the country's parliament.
Proposed by Canada's ruling Liberal Party, Bill C-22 contains provisions that could be similar to a UK data access provision order sent to Apple last year, depending on how they are implemented.
Back in Feb...
Anthropic recently announced Project Glasswing, an initiative that enables tech companies like Apple to use its new frontier AI model Claude Mythos Preview to find security vulnerabilities across operating systems and web browsers.
The Wall Street Journal today reported that researchers at cybersecurity firm Calif used Claude Mythos Preview to uncover a new macOS security vulnerability last...
Apple released iOS 26.5 after a few months of beta testing, and while it doesn't have the Siri features we were hoping for since those are being held until iOS 27, there are a handful of useful changes worth knowing about.
Subscribe to the MacRumors YouTube channel for more videos.
End-to-End Encryption for RCS
Support for end-to-end encryption (E2EE) for RCS messages between iPhone and...
