Apple’s latest Rapid Security Response (RSR) updates fix a critical zero-day vulnerability affecting iPhones, Macs, and iPads. This vulnerability, known as CVE-2023-37450, was reported by an anonymous researcher and may have been exploited in the wild by malicious actors.
What is RSR, and why is it important?
RSR is a new feature introduced by Apple to deliver compact and timely security updates to its devices. RSR updates are designed to address urgent security issues that emerge between major software releases, such as zero-day exploits. RSR updates are automatically installed on your device unless you disable this option. However, Apple strongly recommends installing RSR updates as soon as they are available to protect your device from potential attacks.
What is CVE-2023-37450, and how does it affect your device?
CVE-2023-37450 is a vulnerability in the WebKit browser engine, which Safari and other apps use to render web pages. This vulnerability allows an attacker to execute arbitrary code on your device by luring you to visit a malicious website. This could result in data theft, device compromise, or other unwanted consequences.
How can you protect your device from CVE-2023-37450?
Apple has released the following RSR updates to address CVE-2023-37450:
macOS Ventura 13.4.1 (a)
iOS 16.5.1 (a)
iPadOS 16.5.1 (a)
Safari 16.5.2
You should install these updates as soon as possible to secure your device from this threat.
You can check for updates by going to
Settings > General > Software Update on your iPhone or iPad or by clicking the
Apple menu > System Preferences > Software Update on your Mac.
You can also update Safari by opening the app and choosing Safari > About Safari.
Apple has taken swift action to patch a severe zero-day vulnerability in its WebKit browser engine that could affect millions of devices. Installing the latest RSR updates ensures your device is protected from this and other security risks. Stay tuned for more IT news and tips on this blog.