Forward of the eagerly anticipated macOS 15.2 replace, Apple on Tuesday launched the macOS Sequoia 15.1.1 emergency replace to patch a pair of scary vulnerabilities which have already been utilized in distant assaults.
The 2 patches repair flaws in JavaScript and WebKit, and have been each found by Google’s Risk Evaluation Group. Apple says each vulnerabilities “might have been actively exploited on Intel-based Mac techniques.” Apple doesn’t particularly say whether or not Apple silicon Macs are affected, however the identical flaws have been patched in iOS 18.1.1.
JavaScriptCore
- Affect: Processing maliciously crafted net content material might result in arbitrary code execution. Apple is conscious of a report that this concern might have been actively exploited on Intel-based Mac techniques.
- Description: The difficulty was addressed with improved checks.
- WebKit Bugzilla: 283063
- CVE-2024-44308: Clément Lecigne and Benoît Sevens of Google’s Risk Evaluation Group
WebKit
- Affect: Processing maliciously crafted net content material might result in a cross website scripting assault. Apple is conscious of a report that this concern might have been actively exploited on Intel-based Mac techniques.
- Description: A cookie administration concern was addressed with improved state administration.
- WebKit Bugzilla: 283095
- CVE-2024-44309: Clément Lecigne and Benoît Sevens of Google’s Risk Evaluation Group
Whereas the replace is obtainable for all Macs operating macOS 15.1, there isn’t any launch for Macs operating macOS Sonoma 14.7.1 or Ventura 13.7.1. Apple will possible patch the identical vulnerabilities in these techniques when macOS 15.2 arrives in December.
To replace your Mac, head over to System Settings, then Normal, Software program Replace, and choose Replace Now. Then observe the prompts to restart.