Apple has released a patch for two critical zero-day vulnerabilities (CVE-2024-44309 and CVE-2024-44308) targeting Macs with Intel processors. These vulnerabilities, related to WebKit and JavaScriptCore, allowed attackers to execute malicious code by tricking devices into processing corrupted web content.
Zero-day flaws target Macs using Intel processors
On Tuesday, November 19, Apple released a security advisory urging its users to update their macOS system. The company has rolled out a patch for 2 critical vulnerabilities exploited by hackers targeting Macs with Intel processors.
This warning also caught the attention of Changpeng Zhao, co-founder and former CEO of Binance. On his X profile, he encouraged his subscribers to update their devices without delay, in order to protect themselves against possible attacks.
If you use a Macbook with Intel based chip, update asap!
Stay SAFU!https://t.co/mk2Jsicnte
— CZ 🔶 BNB (@cz_binance) November 20, 2024
Although Macs using Intel processors remain widely used, Apple began a transition to its own ARM processors in November 2020. macOS updates for Intel Macs are expected to continue until 2025, after which they will no longer be compatible with these devices.
🛡️ What are the legal and tax obligations for a crypto influencer?
These 2 vulnerabilities are respectively labeled under the references CVE-2024-44309 and CVE-2024-44308. They were presented as zero-day flaws, that is to say computer vulnerabilities unknown to developers and security teams at the time of their exploitation by the attackers.
Black Friday: – 75% on Cryptoast Academy, don't miss the bullrun, join our experts
An essential macOS update to protect your devices
Apple said the anomalies concern WebKit (a software library that allows developers to create applications that display web content) and JavaScriptCore (a rendering engine that supports the execution of code written in JavaScript in Mac OS applications). X).
These 2 web engines power the Safari browser and the execution of web content, a gateway often exploited by malicious hackers to break into broader software or access users' private data.
The security advisory states that the bugs can be exploited by tricking vulnerable Apple devices into processing malicious web content. This would trigger arbitrary code execution, thereby allowing the installation of malware on the targeted device.
A software update has been released to address bugs identified as vulnerabilities. zero-day “.
👉 In the news – Bitcoin on its way to $100,000? Analysis of BTC with Prof. Chain
These vulnerabilities were reported by security researchers at Google's Threat Analysis Group (TAG). This team works in collaboration with the cyber teams of the States, its objective is to detect, understand and mitigate cyber threats.
This group has a habit of investigating government attack campaigns, suggesting the potential involvement of a state actor in this operation.
Apple has not provided information on who carried out these attacks, how many users were affected, or whether any of them were actually successfully compromised.
A multi-service platform for your cryptos
Buy cryptocurrencies free of charge via SEPA transfer?
Source: Apple
The #1 Crypto Newsletter 🍞
Receive a summary of crypto news every day by email 👌
What you need to know about affiliate links. This page may feature investment-related assets, products or services. Some links in this article may be affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to offer you original and useful content. There is no impact on you and you can even get a bonus using our links.
Investments in cryptocurrencies are risky. Cryptoast is not responsible for the quality of the products or services presented on this page and cannot be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers should do their own research before taking any action and only invest within the limits of their financial capabilities. This article does not constitute investment advice.
AMF recommendations. There is no guaranteed high return, a product with high return potential involves high risk. This risk-taking must be in line with your project, your investment horizon and your capacity to lose part of this savings. Do not invest if you are not prepared to lose all or part of your capital.
To go further, read our Financial Situation, Media Transparency and Legal Notices pages.
A lifelong cyber enthusiast, I have nurtured my curiosity and passion over time… should it have been the other way around? A convinced maximalist, I could have been part of the cypherpunks if I had been born a few years earlier. Convinced that information and knowledge are the ultimate weapons of freedom, I brandish my pen like a sword, defending this noble cause with fervor. Don't take my word for it, check 🐰
