Apple has released macOS 14 Sonoma, which includes patches for over 60 vulnerabilities. These flaws could potentially allow attackers to obtain sensitive information, execute arbitrary code with elevated privileges, escape the sandbox, cause denial-of-service conditions, escalate privileges, bypass security mechanisms, delete files, modify protected parts of the file system, and conduct UI spoofing.
While some vulnerabilities can be exploited remotely through specially crafted websites, most require the presence of a malicious app on the targeted device. Notably, one of the vulnerabilities, CVE-2023-41993, was previously exploited as a zero-day to deliver spyware to iPhones. Additionally, Apple released an iOS 17 update that does not patch any security flaws but updated its advisory for iOS 16.7 and iPadOS 16.7 to inform users that these versions patch an additional 17 vulnerabilities.
Read more: https://www.securityweek.com/macos-14-sonoma-patches-60-vulnerabilities/
