Apple users, particularly those with Intel-based MacBooks, are urged to update their operating systems immediately following the discovery of two actively exploited zero-day vulnerabilities. The warning comes as former Binance CEO Changpeng Zhao, commonly known as CZ, took to social media with a stark message: “If you use a Macbook with Intel based chip, update asap! Stay SAFU!”
Apple confirmed the active exploitation of these vulnerabilities in a security advisory released on Tuesday. The vulnerabilities, identified by Google’s Threat Analysis Group (TAG), affect both macOS and iOS systems, prompting Apple to release urgent security updates: iOS 18.1.1, macOS Sequoia 15.1.1, and iOS 17.7.2 for older devices.
The first vulnerability, CVE-2024-44308, resides within JavaScriptCore and allows arbitrary code execution through maliciously crafted web content. The second, CVE-2024-44309, impacts WebKit and can lead to cross-site scripting attacks, also triggered by malicious web content. Both vulnerabilities are confirmed to be actively exploited on Intel-based Mac systems.
As is typical, Apple refrained from providing details about the nature of the attacks or indicators of compromise, hindering efforts by security researchers to identify affected systems.
