Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Zero-Day Vulnerability in Apple Products
Alerts

Zero-Day Vulnerability in Apple Products

23 January 2024

Apple has released security updates to address a zero-day vulnerability (CVE-2024-23222) in their products. The vulnerability is reportedly being actively exploited. 

Successful exploitation of the WebKit vulnerability could allow an attacker to execute arbitrary malicious code on devices running vulnerable iOS, macOS, and tvOS versions after opening a malicious web page. 

The vulnerability affects the following products:

  • iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation

  • iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

  • Macs running macOS Monterey and later

  • Apple TV HD and Apple TV 4K (all models) 

Users of the affected products are advised to update to the latest versions immediately. 

Users are also advised to enable automatic software updates by going to Settings > General > Software Updates > Enable Automatic Updates

More information is available here:

https://support.apple.com/en-us/HT214061

https://www.bleepingcomputer.com/news/apple/apple-fixes-first-zero-day-bug-exploited-in-attacks-this-year/