Apple has issued a new round of updates meant to address newly discovered flaws in iPhones and Macs, warning that hackers may have actively exploited the weaknesses.
Yesterday, the Cupertino tech giant rolled out five emergency updates – all addressing the same two security flaws in products like iPhone, iPad, Macs running macOS Sequoia, the Apple Vision headset, and the Safari web browser.
The first bug, tracked as CVE-2024-44308, is a JavaScript flaw that can be exploited by sending the victim “maliciously crafted web content,” which in infosec jargon usually means a malicious link.
The advisory doesn’t mention whether the target must interact with the tainted link to let the hacker in. But it does say that “Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.”
The second vulnerability, tracked as CVE-2024-44309, is a similar issue in the open-source WebKit browser engine.
“Processing maliciously crafted web content may lead to a cross site scripting attack,” reads the notice.
As with the JavaScript bug, this flaw is also thought to have been exploited in attacks on Intel Macs.
Apple patched the bugs in macOS Sequoia 15.1.1. Because both vulnerabilities are also present in iPhones, iPads and Apple Vision headsets – though not actively exploited there, to Apple’s knowledge – Apple also offers iOS 18.1.1 and iPadOS 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, and visionOS 2.1.1.
For customers running older generations of macOS (Ventura and Sonoma), Safari 18.1.1 is available containing the same two critical fixes.
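For admins checking a fleet against this advisory, here is an added example (not part of the Bitdefender article) that compares a Mac's OS and Safari versions with the patched builds named above: Sequoia (15.x) needs 15.1.1, while Ventura (13.x) and Sonoma (14.x) need Safari 18.1.1. It assumes the standard `sw_vers` tool and Safari's `Info.plist` for obtaining the live values; the sample versions in the usage comment are constructed.

```shell
#!/bin/sh
# Added example, not from the article: report whether a macOS host carries the
# fixes for CVE-2024-44308 / CVE-2024-44309 as listed in the advisory summary.

# version_ge A B -> returns 0 if dotted version A >= B (numeric, component-wise,
# so 15.10 > 15.9 and a missing component counts as 0)
version_ge() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    x="${a%%.*}"; y="${b%%.*}"
    [ "$a" = "$x" ] && a="" || a="${a#*.}"
    [ "$b" = "$y" ] && b="" || b="${b#*.}"
    x="${x:-0}"; y="${y:-0}"
    if [ "$x" -gt "$y" ]; then return 0; fi
    if [ "$x" -lt "$y" ]; then return 1; fi
  done
  return 0
}

# patch_status OS_VERSION SAFARI_VERSION -> prints patched | unpatched | unknown
# Sequoia is fixed by the OS update itself; Ventura/Sonoma get the fix via Safari.
patch_status() {
  os="$1"; safari="$2"
  major="${os%%.*}"
  case "$major" in
    15)    version_ge "$os" 15.1.1     && echo patched || echo unpatched ;;
    13|14) version_ge "$safari" 18.1.1 && echo patched || echo unpatched ;;
    *)     echo unknown ;;   # releases the advisory does not cover
  esac
}

# Usage on a real host (assumption: stock macOS tools and Safari location):
#   os="$(sw_vers -productVersion)"
#   safari="$(defaults read /Applications/Safari.app/Contents/Info CFBundleShortVersionString)"
#   patch_status "$os" "$safari"
# Constructed sample: a Sonoma host still on Safari 18.1 reports "unpatched".
patch_status 14.7.1 18.1
```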
It’s important to note that both weaknesses were reported to Apple by researchers Clément Lecigne and Benoît Sevens of Google's Threat Analysis Group. Over the past few years, Google’s security team has been working closely with Apple’s in a fierce battle against targeted spyware attacks.
Spyware is one of the most dangerous types of malware affecting unpatched Apple devices. It’s used to pilfer sensitive data, listen to conversations, take video recordings, and more – all without any victim input or knowledge.
Legal documents that surfaced last week say the infamous Israeli spyware maker NSO Group has been infecting hundreds of thousands to tens of thousands of devices with its Pegasus spyware, despite efforts by Facebook, Apple and Google to muffle its operations.
A footnote in one of those documents mentions NSO Group’s CEO saying in a deposition that Pegasus was used by Dubai’s ruler to target his ex-wife, Princess Haya.
Earlier this year, Apple announced it was dropping its year-long legal tussle with NSO Group to avoid having to disclose the threat intelligence it has developed to combat Pegasus infections on products like iPhones and Macs.
It’s now your job to deploy the updates to protect yourself from attacks.
As always, Bitdefender recommends you keep your devices up to date with the latest security patches issued by the vendor as the first important step against a spyware infection – especially if you consider yourself a target.
Remember to keep the trusty Lockdown Mode toggle handy if you believe hackers might be targeting you.
For peace of mind, run a dedicated security solution on all your personal devices.
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.