Apple has recently released security patches to address critical vulnerabilities (CVE-2023-42916 & CVE-2023-42917) affecting the WebKit Browser Engine.
The National Telecommunication and Information Security Board (NTISB) has issued a Cyber Security Advisory warning that threat actors are actively exploiting CVE-2023-42916 & CVE-2023-42917 to gain access to sensitive data and execute arbitrary code through crafted webpages on unpatched devices.
Devices affected by these vulnerabilities include Apple iPhone, iPad, and iPod running iOS versions 16.7.3 or older. The NTISB recommends that users immediately update their devices to iOS version 17.2 or above, which contains patches for these vulnerabilities.
Also Read: Apple’s Bold Move: Discover Which iPhones Will Miss Out on iOS 18
Additionally, users are advised to take the following safety steps:
1. Upgrade to iOS version 17.2 or above from the official Apple Store to patch CVE-2023-42916 & CVE-2023-42917.
2. Consider enabling Lockdown Mode for extreme protection against cyber-attacks (optional).
3. Protect devices with strong passcodes and use two-factor authentication for Apple ID.
4. Install apps only from the official Apple Store to avoid malware and infections.
5. Use anonymity-based solutions while surfing the internet and consider masking the identity of key individuals.
6. Disable location services on Apple devices when not needed.
7. Subscribe to Apple’s security bulletins, threat notifications, and enable auto OS update features to stay informed about security updates and patches.
Users are encouraged to refer to reputable cyber security platforms such as The Hacker News, Bleeping Computer, Security Week, and CSIRTs for further information and updates regarding cyber security threats and best practices.