Apple released iOS 18.1.1 and macOS Sequoia 15.1.1 with important security fixes, for all iPhone, iPad and Mac compatible. In an update on its security site, Apple provided more details about these vulnerabilities and states that they could have been actively exploited in practice.
Apple states that iOS 18.1.1 updates, iPadOS 18.1.1 and macOS Sequoia 15.1.1 fixes two vulnerabilities affecting WebKit and JavaScriptCore. Apparently, Apple had a report that this security issue could be actively exploited on computers Mac with Intel.
Table of Contents
Devices and Vulnerabilities Affected by iOS 18.1.1 Update and macOS Sequoia 15.1.1
JavaScriptCore
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and newer), iPad Pro 11-inch (1st generation and newer), iPad Air (3rd generation and newer), iPad (7th generation and newer), and iPad mini (5th generation and newer ). Compatible devices iOS 18.1.1.
Impact: Processing maliciously crafted web content can lead to arbitrary code execution. Apple is considering a report that this issue may have been actively exploited on systems Mac based on Intel.
Description: The issue has been resolved with improved checks.
CVE-2024-44308: Clément Lecigne and Benoît Sevens of the Google Threat Analysis Group.
W
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and newer), iPad Pro 11-inch (1st generation and newer), iPad Air (3rd generation and newer), iPad (7th generation and newer), and iPad mini (5th generation and newer ).
Impact: Processing maliciously crafted web content can lead to a cross-site scripting attack. Apple is considering a report that this issue may have been actively exploited on systems Mac based on Intel.
Description: A cookie handling issue has been resolved by improving state handling.
CVE-2024-44309: Clément Lecigne and Benoît Sevens of the Google Threat Analysis Group.
To update your iPhone and iPad to iOS 18.1.1 and iPadOS 18.1.1, access the application Settings, select General admissionthen Software updatesystem. (Settings > General > Software Update)
To update your Mac to macOS Sequoia 15.1.1, access System settings, select General admissionthen Software updatesystem. (System Settings > General > Software Update)
Although Apple states that these issues have so far only been exploited on computers Mac with Intel processor, it is recommended to update your devices as soon as possible to ensure that you are not vulnerable to these security holes.
Related: How to Hide Apps on iPhone or iPad in iOS 18
Apparently, these vulnerabilities were previously removed in beta versions of iOS 18.2 and macOS 15.2, but a similar security fix is also present in the iOS 17.7.2 update available for iPhones that are not compatible with iOS 18.