macOS 11.3.1 security update for macOS Big Sur closes two critical security holes

macOS 11.3.1 security update

Apple just seems to be throwing around with updates. A good week after the macOS 11.3 update, the next macOS Big Sur update arrived. This time, however, it is not an extension of macOS to include certain functions, but a pure security update that focuses on the Apple browser engine.

The new macOS 11.3.1 update for macOS Big Sur is a security update that closes two loopholes in WebKit.

The new macOS 11.3.1 update for macOS Big Sur is a security update that closes two loopholes in WebKit.

Apple fixes two security holes in WebKit

The current macOS update 11.3.1 provides more security by closing two problems in Apple's WebKit. Apple itself describes the content of the security update here on a support page.

macOS BigSur 11.3.1
Released May 3, 2021

W
Available for: macOS Big Sur

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A memory corruption issue was addressed with improved state management.
CVE-2021-30665: yangkang (@dnpushme) & zerokeeper & bianliang of 360 ATA

W
Available for: macOS Big Sur

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: An integer overflow was addressed with improved input validation.
CVE-2021-30663: to anonymous researcher

In German you could say that these two security holes made it possible to execute code on the Mac through special (malicious) web content.

Apple adds that with both holes it could actually have happened that this hole was actively exploited in the past.

New, important updates are usually notified via the dock in macOS.

New, important updates are usually notified via the dock in macOS.

macOS 11.3.1 update? Yes!

Should you now install the update as a Mac user with macOS Big Sur? I would say yes, but - even if it looks like a small update - I would create a 1: 1 backup of the system hard drive beforehand. Especially with these quick security updates, there were unexpected side effects here and there in the past.

This is probably due to the fact that these updates close security gaps and that they are therefore knitted with the "hot needle".

Nevertheless, I think installing the update is important because you don't want to leave security gaps open. Especially when it comes to the execution of malware through websites, the risk of falling victim to this attack is relatively high.

-

Did you like the article and did the instructions on the blog help you? Then I would be happy if you the blog via a Steady Membership or at Patreon would support.

Leave a Comment

Your e-mail address will not be published.