Attention Apple iPhone, iPad, macOS computer, Apple TV, Apple Watch users! The Hong Kong Computer Emergency Response Coordination Center (HKCERT) under the Hong Kong Productivity Council calls on local Apple device users to update their software as soon as possible to fix three zero-day vulnerabilities targeting different software. The affected software includes iOS 15.7.6 and iOS 16.5 , iPadOS 15.7.6, iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5 and watchOS 9.5 previous version. HKCERT rated the incident as “very high risk”.
According to HKCERT, the three zero-day vulnerabilities are CVE-2023-32409, CVE-2023-28204 and CVE-2023-32373. For CVE-2023-28204 and CVE-2023-32373, hackers only need to send phishing messages to lure users to browse malicious websites or install malicious applications to trigger vulnerabilities to invade the system; vulnerability CVE-2023-32409 is related to sandbox escape issues , the issue could allow an attacker to remotely break out of the sandbox that processes web content.
↓↓↓Same show: Dyson launches a new 2-in-1 anti-frizz hair dryer! Salon-level hair styling with one hand↓↓↓
HKCERT reminds users to keep all mobile devices or computer operating systems and applications up to date, and users should only download programs from official application stores. Mobile device users can install a reliable antivirus application to detect known malicious programs and malicious websites, and set a device password lock or screen lock to ensure that the data will not be easily stolen even if the device is stolen or lost. Finally, users should remember not to try to install more functions or applications, unlock the mobile device (Jailbreak), and cancel the original security mechanism.