Today, Apple released Rapid Security Responses for macOS 13.4.1 and iOS/iPad OS 16.5.1. These Rapid Security Responses address CVE-2023-37450 and CVE-2023-32439 respectively. At this point in time, not much information on these vulnerabilities are available other than they address a potentially exploited WebKit vulnerability where “Processing maliciously crafted web content may lead to arbitrary code execution.”
Apple’s Rapid Security responses are smaller updates released to patch specific frameworks used within Apple’s operating systems such as Safari, and other critical system libraries. These updates are sent in between minor operating system releases and are denoted by a letter such as “macOS 13.4.1 (a)”. RSRs are delivered through the regular software update mechanisms via System Settings. Please click here for more information on Apple’s RSRs.
If you own or possess a Mac, iPhone, or iPad that is capable of running macOS 13 or iOS/iPadOS 16, please update your devices as soon as possible to have these vulnerabilities addressed.