Subscribe

Apple fixes security flaws

Apple has released security updates to patch three flaws that have been exploited by commercial spyware to infect iPhones and other devices.

The updates, which were released on September 22, 2023, should be installed as soon as possible to protect against these vulnerabilities.

The three flaws are CVE-2023-41991, a certificate validation issue that could allow a malicious app to bypass signature validation. CVE-2023-41992, a kernel-level privilege escalation hole that could be abused to gain full control of a device. And CVE-2023-41993, a web content processing flaw that could lead to arbitrary code execution.

macOS Monterey 12.7, macOS Ventura 13.6, watchOS 9.6.3, watchOS 10.0.1, iOS 16.7 and iPadOS 16.7, iOS 17.0.1 and iPadOS 17.0.1, and Safari 16.6.1 are the Apple devices and software are affected by the flaws.

Google’s Threat Analysis Group (TAG) and The Citizen Lab have discovered evidence that these flaws were exploited by Predator spyware, which is sold by the company Intellexa. Intellexa was added to the U.S. entity list in July 2023 as a national security threat.

TAG has urged users to update their devices to the latest security patches and to use secure HTTPS rather than insecure HTTP where possible to help prevent redirects to malicious websites.

The sources for this piece include an article in TheRegister.

Top Stories

Toyota confirms leak of 240GB of sensitive data in recent hack

Former Google CEO Eric Schmidt makes controversial comments

Study finds 94% of spreadsheets have critical errrors

Study says 94% of spreadsheets contain critical errors

Elon Musk claims DDoS attack caused issues in live-streamed interview with Trump – experts are skeptical

Google anti-trust ruling a financial disaster for Firefox

Related Articles

Microsoft Pledges to Shield European Cloud Services Amid Rising Geopolitical Tensions

May 31, 2025 In response to escalating concerns over U.S. government influence on cloud operations, Microsoft has committed to legally contesting more...

DOGE Accused of Creating Massive Surveillance System Under Musk-Led Trump Administration

May 31, 2025 A new opinion piece in the New York Times warns that the U.S. Department of Government Efficiency (DOGE), more...

Perplexity’s New Browser to Track User Activity for Hyper-Personalized Ads

April 30, 2025 Perplexity AI plans to launch a new browser, Comet, in May 2025, designed to monitor users' online activities more...

Shopify Faces A Class Action In California

April 22, 2025 A U.S. appeals court has reinstated a proposed data privacy class action against Canadian e-commerce company Shopify, allowing more...

Jim Love

Jim Is and author and pud cast host with over 40 years in technology.

Share:
X/Twitter
Linkedin
Blue Sky
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.