ISLAMABAD: Apple has released security patches to mitigate critical vulnerabilities (CVE-2023-42916 & CVE-2023-42917) affecting WebKit Browser Engine.

The National Telecommunication and Information Security Board (NTISB) has issued a cyber-security advisory while saying that CVE-2023-42916 & CVE-2023-42917 is being actively exploited by threat actors to access sensitive data and execution of arbitrary code through crafted webpages on unpatched devices.

It further stated that Apple iPhone, iPad and iPod running iOS versions (16.7.3 or older) are affected with the above-mentioned vulnerabilities and consequently patches / updated versions are available.

All users are advised to ensure the following: CVE-2023-42916 & CVE-2023-42917 have been patched in iOS version 17.2. Therefore, all Apple users should immediately upgrade to iOS latest version (17.2 or above) from the official Apple Store.

Further, enable Lockdown Mode (optional; extreme protection mode) to block a cyber-attack.

The advisory recommended to protect devices with strong pass codes and uses two factor authentications on Apple ID. Install apps from official Apple Store only to avoid malware/infection. Use anonymity-based solutions (over internet while surfing) and mask identity of key appointment holders/individuals. Always disable location from Apple devices/Subscribe to Apple’s security bulletins, threat notifications and auto OS update features, it added.

Copyright Business Recorder, 2024