Forward of the eagerly anticipated macOS 15.2 replace, Apple on Tuesday launched the macOS Sequoia 15.1.1 emergency replace to patch a pair of scary vulnerabilities which have already been utilized in distant assaults.
The 2 patches repair flaws in JavaScript and WebKit, and have been each found by Google’s Risk Evaluation Group. Apple says each vulnerabilities “might have been actively exploited on Intel-based Mac methods.” Apple doesn’t particularly say whether or not Apple silicon Macs are affected, however the identical flaws have been patched in iOS 18.1.1.
JavaScriptCore
- Influence: Processing maliciously crafted net content material might result in arbitrary code execution. Apple is conscious of a report that this challenge might have been actively exploited on Intel-based Mac methods.
- Description: The difficulty was addressed with improved checks.
- WebKit Bugzilla: 283063
- CVE-2024-44308: Clément Lecigne and Benoît Sevens of Google’s Risk Evaluation Group
WebKit
- Influence: Processing maliciously crafted net content material might result in a cross web site scripting assault. Apple is conscious of a report that this challenge might have been actively exploited on Intel-based Mac methods.
- Description: A cookie administration challenge was addressed with improved state administration.
- WebKit Bugzilla: 283095
- CVE-2024-44309: Clément Lecigne and Benoît Sevens of Google’s Risk Evaluation Group
Whereas the replace is offered for all Macs operating macOS 15.1, there is no such thing as a launch for Macs operating macOS Sonoma 14.7.1 or Ventura 13.7.1. Apple will probably patch the identical vulnerabilities in these methods when macOS 15.2 arrives in December.
To replace your Mac, head over to System Settings, then Common, Software program Replace, and choose Replace Now. Then comply with the prompts to restart.