Apple has released emergency security updates to combat a new zero-day bug in its WebKit browser engine that is allowing threat actors to execute arbitrary code on vulnerable versions of iPads, iPhones, and MacOS devices. Apple said that it was aware of reports that this bug may have been actively exploited by cyber criminals. This zero-day patched by Apple is indexed as CVE-2022-22620. It’s a use-after-free vulnerability in WebKit resulting in the execution of arbitrary code after processing maliciously crafted web content on devices with iPadOS and on iOS that are vulnerable versions.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
