Another update, this time about security and Webkit. As noted, Apple never discloses the changes when its about security.

Released November 19, 2024

JavaScriptCore

Available for: macOS Sequoia

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.

Description: The issue was addressed with improved checks.

WebKit Bugzilla: 283063

CVE-2024-44308: Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group

WebKit

Available for: macOS Sequoia

Impact: Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.

Description: A cookie management issue was addressed with improved state management.

WebKit Bugzilla: 283095

CVE-2024-44309: Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group