Make Sure to Update: iOS 18.1.1 and macOS Sequoia 15.1.1 Fix Actively Exploited Vulnerabilities

[MacRumors]

The iOS 18.1.1, iPadOS 18.1.1, and macOS Sequoia 15.1.1 updates that Apple released today address JavaScriptCore and WebKit vulnerabilities that Apple says have been actively exploited on some devices.

With the JavaScriptCore vulnerability, processing maliciously crafted web content could lead to arbitrary code execution. The WebKit vulnerability had the same issue with maliciously crafted web content, and it could lead to a cross site scripting attack.

Apple says that it is aware of reports that these two issues may have been actively exploited on Intel-based Mac systems. While the vulnerabilities are only known to have impacted older Macs, other devices are vulnerable to attack because they have the same security flaws.

For that reason, it is a good idea to update your devices to the latest software as soon as possible.

Article Link: Make Sure to Update: iOS 18.1.1 and macOS Sequoia 15.1.1 Fix Actively Exploited Vulnerabilities

 

[MrENGLISH]

macOS Sequoia 15.1.1 isn't even showing up for me yet 🤷‍♂️

EDIT: Rebooted my MBP and now it is showing up. Installing now...

 

[Realityck]

patches involved
iOS 18.1.1 (Build 22B91) - November 19, 2024
iPadOS 18.1.1 (Build 22B91) - November 19, 2024
iPadOS 17.7.2 (Build 21H22) November 19, 2024
macOS 15.1.1 (Build 24B91 | 24B2091) - November 19, 2024
visionOS 2.1.1 (Build 22N591) - November 19, 2024

 

[EU-Regulations]

Now this one is really and finally Fixing the fix.

 

[Lizzard899]

They didnt fix any bugs....I feel like they just pushed it out for Thanksgiving. IOS 18 has been a mess. Messed up icloud storage (doesn't collabrate the correct number), issues with messages app where messages show up as group text when its only 1 single text between me and 1 other person. The list goes on and on. I bet the notes app isn't fixed either

 

[Gazza123]

Still waiting for 18.2 beta 4 to get released.

 

[N0ughtsAndCr0sses]

Still waiting for 18.2 beta 4 to get released.

Haha

Same

By the amount of comments on this thread, deffo no one on public releases 🤣🤣😈😈

 

[N0ughtsAndCr0sses]

I suspect a beta 4 tomorrow


We can’t be that lucky for that in an hour 🤙🏻

 

[TheDailyApple]

Do these vulnerabilities affect iOS 17.x.x and macOS 14.x.x?

 

[smorrissey]

I don't think so... waiting here for 18.2 even 18.3 maybe...

 

[ignatius345]

Whatever happened to those Rapid Security Response patches they were supposed to be able to deploy quickly? Are those being used? I see so many urgent system updates, but I can't remember getting a Rapid Security Response thing automatically.

 

[winxmac]

Whatever happened to those Rapid Security Response patches they were supposed to be able to deploy quickly? Are those being used? I see so many urgent system updates, but I can't remember getting a Rapid Security Response thing automatically.

iOS 16 was the only major version that had rapid security response

 

[decafjava]

They didnt fix any bugs....I feel like they just pushed it out for Thanksgiving. IOS 18 has been a mess. Messed up icloud storage (doesn't collabrate the correct number), issues with messages app where messages show up as group text when its only 1 single text between me and 1 other person. The list goes on and on. I bet the notes app isn't fixed either

Not supposed to I understand, just plug a vulnerability.

 

[lkrupp]

Do these vulnerabilities affect iOS 17.x.x and macOS 14.x.x?

Well, you might take the time to go to Apple’s security updates websites and see for yourself. According to Apple’s notes the 15.1.1 mainly affects Intel based Macs.

Apple Security Releases

 

[thebig93]

Do these vulnerabilities affect iOS 17.x.x and macOS 14.x.x?

I'm downloading iOS 17.7.2 right now. The only thing for macOS 14 was an upgrade to Safari 18.1.1 (so far).

 

[Yvan256]

And yet, ads on iOS can open a browser without our authorization if we touch anywhere on their full-screen videos, or touch one pixel outside their tiny 16×16 pixels "close" button.

Apple really needs to take over the ads with their own standard interface layered on top of the ads, and prompt us if we really want to open a URL in the browser.

 

[doboy]

There’s a much much higher likelihood of you being bit by a bug that Apple likely introduced with this update than you ever getting exploited from this security hole

 

[vogam]

just fyi this update caused my M4 iPad Pro 11" display to no longer be recognized as genuine
edit: added a parts/service screenshots

Spoiler: image

Spoiler: image2

Spoiler: image3

 

[match14]

A patch for iOS 17 but not Sonoma?

 

[Reverend Benny]

A patch for iOS 17 but not Sonoma?

I know, its odd.
Guessing there will be a pile of patches for older MacOS and iOS (15 and 16) out farily soon. Guessing they focus on the large installbase first.

 

[DreadedFun]

iOS 16 was the only major version that had rapid security response

But it’s still in the settings for software updates. It is that different from iOS 16?

 

[Morod]

Do these vulnerabilities affect iOS 17.x.x and macOS 14.x.x?

About the security content of macOS Sonoma 14.7.1 - Apple Support

This document describes the security content of macOS Sonoma 14.7.1.

support.apple.com

 

[bviktor]

They didnt fix any bugs....I feel like they just pushed it out for Thanksgiving. IOS 18 has been a mess. Messed up icloud storage (doesn't collabrate the correct number), issues with messages app where messages show up as group text when its only 1 single text between me and 1 other person. The list goes on and on. I bet the notes app isn't fixed either

They fixed CVE-2024-44308 and CVE-2024-44309.

 

[bellnen]

Well, you might take the time to go to Apple’s security updates websites and see for yourself. According to Apple’s notes the 15.1.1 mainly affects Intel based Macs.

Apple Security Releases

Well the updates for iOS, iPad OS and Vision OS don‘t exactly scream confidence in the „just intel based macs“…… Don‘t remember any intel powered devices there….

 

[Reverend Benny]

But it’s still in the settings for software updates. It is that different from iOS 16?

No, but I guess he meant that iOS 16 was the only OS where it has been used so far. The Rapid Response function.