CVE-2024-44309 is a flaw in open-source browser engine WebKit. With this issue, devices processing malicious web content can be affected by a cross-site scripting attack. This type of attack puts malicious scripts into web pages that are viewed by other users. As with the other vulnerability, Apple says that it is aware that this flaw has been actively exploited on Intel-powered Mac systems. Apple says that “a cookie management issue was addressed with improved state management.”
Apple releases an emergency update, iOS 18.1.1 and iPadOS 18.1.1 | Image credit-PhoneArena
Apple says that the following devices have received the update and should install it: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later. Those with these iPad models will be installing iPadOS 18.1.1.
To install the update, go to Settings > General > Software Update and follow the directions.
