Apple Updates for Zero-Day Exploits on macOS

Apple has issued emergency updates to address two zero-day vulnerabilities that have been actively exploited on Intel-based Mac systems. These vulnerabilities, identified as CVE-2024-44308 and CVE-2024-44309, involve the JavaScriptCore and WebKit, potentially allowing arbitrary code execution and cross-site scripting attacks through maliciously crafted web content. The updates apply to iOS, iPadOS, macOS, and Safari, with specific patches for devices such as iPhone XS and later, various iPad models, and macOS Sequoia-compatible computers. Apple's response comes after Google’s Threat Analysis Group reported potential exploitation, possibly by state-sponsored entities. Users are urged to update their devices promptly to mitigate risk, with updates available through the usual software update mechanisms.