Apple fixes zero-day flaws in WebKit for sophisticated attacks

Dansk

Apple has addressed two zero-day vulnerabilities in its WebKit engine that were exploited in sophisticated attacks. The company released patches to fix these bugs, enhancing security for users of its devices.

Apple announced fixes for two zero-day flaws in WebKit, the engine powering Safari and other web technologies on its platforms. These vulnerabilities were actively exploited in what the company described as sophisticated attacks, posing risks to user data and device integrity.

The patches were issued as part of Apple's regular security updates, targeting iOS, iPadOS, macOS, and other affected systems. WebKit's role in rendering web content makes it a frequent target for attackers seeking to execute malicious code.

No specific details on the nature of the exploits or affected users were provided in the announcement, but Apple emphasized the importance of updating devices promptly to mitigate risks. This move underscores ongoing efforts to counter advanced cyber threats in the ecosystem.

Relaterede artikler

Illustration of Apple devices updating to iOS 26.1 and other OS versions, highlighting new features and fixes for a news article.
Billede genereret af AI

Apple releases iOS 26.1 and other OS updates with new features

Rapporteret af AI Billede genereret af AI

Apple has rolled out the 26.1 updates for iOS, iPadOS, macOS Tahoe, and several other operating systems following weeks of testing. These releases include tweaks to Liquid Glass controls, multitasking improvements, and security fixes. The updates address early bugs from the September launches while delaying some promised features like a more personal Siri.

Apple releases iOS 26.2 and ecosystem updates with critical security fixes and app enhancements

Apple began rolling out iOS 26.2 on December 12, 2025, patching two zero-day WebKit vulnerabilities actively exploited in sophisticated targeted attacks, plus over two dozen other bugs. The update adds UI improvements like expanded Liquid Glass customization and app features for Apple Music, Podcasts, and more. Companion updates for iPadOS, macOS, watchOS, tvOS, and visionOS focus on convenience and security. At least half of iPhone owners have yet to update to iOS 26 or later, risking exposure.

Microsoft patches security flaw in Office software

Rapporteret af AI

Microsoft has issued an emergency patch for a worrying security flaw in its Office software. The vulnerability could allow hackers to access users' files if not updated promptly. The patch was released to address this critical issue.

Linux

The myth of Linux's invincibility in enterprise security

Teknologi

Six Apple apps hit by subscription changes

Teknologi

HPE urges immediate patching of OneView after critical security flaw found

Apple rolls out iOS 26.2 changes in Japan: alternative app stores, payments, browsers under MSCA

Apple has updated iOS 26.2 exclusively for Japanese users to comply with the Mobile Software Competition Act, enabling third-party app stores (with 5% fees), alternative payments (with commissions), browser choice screens, and non-WebKit engines, alongside Notarization security checks. These follow similar pressures in Europe and come amid strong App Store revenue.

GNU C Library fixes security issue from 1996

Rapporteret af AI

The GNU C Library has addressed a long-standing security vulnerability that dates back to 1996. This fix, identified as CVE-2026-0915, patches a flaw present in the library since its early versions. The update aims to enhance security for systems relying on this fundamental component of Linux distributions.

Linux kernel bugs can hide for up to 20 years

A security researcher has found that bugs in the Linux kernel often remain undetected for more than two years on average, with some persisting for over two decades. By analyzing 20 years of kernel development, Jenny Guanni Qu uncovered how these flaws quietly affect cloud systems, enterprises, and billions of devices. Her work highlights the challenges of maintaining secure open-source software.

Microsoft releases second emergency update for Windows 11 Outlook crashes

Rapporteret af AI

Microsoft has rolled out a second out-of-band update for Windows 11 to resolve crashes in Outlook and issues with cloud-stored files. The patch targets bugs introduced by the company's January 2026 security update. This follows a previous emergency fix last week addressing shutdown and login problems.

lørdag d. 31. januar 2026, 14.04

Apple updates decade-old iPhones to sustain iMessage

søndag d. 25. januar 2026, 21.22

Google Chrome ends support for macOS 12 Monterey on older Macs

fredag d. 23. januar 2026, 05.13

Fortinet FortiGate devices face automated attacks creating rogue accounts

tirsdag d. 13. januar 2026, 14.43

US government urged to patch critical Gogs security flaw

tirsdag d. 30. december 2025, 06.58

Thousands of Korean Air employees exposed in Oracle breach

mandag d. 22. december 2025, 14.24

WatchGuard Firebox OS patches critical security flaw

søndag d. 21. december 2025, 12.02

Chinese hackers install backdoors via Cisco email zero-day

fredag d. 19. december 2025, 11.19

Cisco email security products targeted in zero-day campaign

onsdag d. 10. december 2025, 10.51

Google adds prompt injection defenses to Chrome

onsdag d. 10. december 2025, 07.11

North Korean hackers exploit maximum severity React2Shell flaw

 

 

 

Dette websted bruger cookies

Vi bruger cookies til analyse for at forbedre vores side. Læs vores privatlivspolitik for mere information.
Afvis