iOS 18.1.1 and macOS Sequoia 15.1.1 patch security vulnerabilities that were actively exploited

Apple released iOS 18.1.1 and macOS Sequoia 15.1.1 with important security fixes. In an update to its security website, Apple has further detailed these vulnerabilities and says that they may have been actively exploited in the wild.

Apple details that iOS 18.1.1, iPadOS 18.1.1, and macOS Sequoia 15.1.1 patch two vulnerabilities affecting WebKit and JavaScriptCore. The company says that it is aware of “a report that this issue may have been actively exploited on Intel-based Mac systems.”

JavaScriptCore

• Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
• Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
• Description: The issue was addressed with improved checks.
• CVE-2024-44308: Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group

WebKit

• Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
• Impact: Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
• Description: A cookie management issue was addressed with improved state management.
• CVE-2024-44309: Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group

You can update your iPhone and iPad to iOS 18.1.1 and iPadOS 18.1.1 by going to the Settings app, choosing General, then choosing Software Update.

You can update your Mac to macOS Sequoia 15.1.1 by going to System Settings, choosing General, and choosing Software Update.

Even though Apple says these issues were only exploited on an Intel-based Mac so far, it is crucial that you update your devices as soon as possible to ensure that you are not susceptible to the vulnerabilities.