Apple on Tuesday launched a brand new model of Safari to handle a pair of zero-day WebKit vulnerabilities that have been reportedly exploited within the wild.
The newest Safari 14.1 replace for macOS Catalina and macOS Mojave closes two WebKit flaws current in Apple’s current-generation working techniques, in accordance with a safety document printed at this time.
Detailed in a safety disclosure on Tuesday, the 2 zero-day vulnerabilities — reminiscence corruption and integer overflow points — may permit malicious internet content material to execute arbitrary code on a goal system. Apple stated it was conscious of experiences that the bugs have been exploited within the wild.
The vulnerabilities are recognized as CVE-2021-30665 and CVE-2021-30663.
Apple patched the identical flaws in its launch of iOS 14.5.1 and macOS Massive Sur 11.three on Monday.
Together with the 2 crucial patches, at this time’s model of Safari 14.1 incorporates bug fixes and safety protections launched with a separate model of the online browser launched in April.