Apple patches WebKit vulnerabilities in Safari 14.1 update for macOS Catalina, Mojave

Apple on Tuesday released a new version of Safari to address a pair of zero-day vulnerabilities in WebKit that it confirmed were exploited in the wild.

SafariThe latest Safari 14.1 update for macOS Catalina and macOS Mojave closes two WebKit flaws present in Apple’s current-generation operating systems, according to a security document published today.Detailed in a security disclosure on Tuesday, the two zero-day vulnerabilities — memory corruption and integer overflow issues — could allow malicious web content to execute arbitrary code on a target device. Apple said it was aware of reports that the bugs were exploited in the wild.

Read more…