During December 2023, major tech companies like Google, Microsoft, and Apple diligently tackled a slew of security vulnerabilities across their platforms.
Google took significant strides by patching nearly 100 security issues in Android, with a focus on critical flaws in the Framework. Among these, CVE-2023-40088 posed a risk of remote code execution, while CVE-2023-40078 was an elevation of privilege flaw, both addressed in the latest update.
Not to be outdone, Google also addressed CVE-2023-40094 in its WearOS platform, fixing another elevation of privilege bug. Meanwhile, Microsoft’s December Patch encompassed over 30 vulnerabilities, with CVE-2023-36019 standing out due to its high-impact spoofing potential within the Power Platform Connector, IANS reported.
Apple‘s iOS 17.2 release in December not only introduced new features like the Journal app but also addressed a dozen security patches. Notably, CVE-2023-42890, a vulnerability in the WebKit browser engine, was among the issues resolved, preventing potential code execution by attackers.
Moreover, Apple acknowledged a kernel flaw in the iPhone, acknowledging the possibility of apps breaking out of secure sandboxes, prompting vigilance from the tech giant.
Overall, these comprehensive efforts by industry leaders underscore a commitment to enhancing user security in the evolving digital landscape.