There are only two days left before the Vision Pro reaches its first customers, and Apple has released a security patch ahead of the launch. To protect against an active WebKit vulnerability, be sure to update VisionOS to version 1.0.2.
As with VisionOS 1.0.1, Build 1.0.2 does not contain detailed release notes.
However, an important fix has been published on Apple's security updates page. what the release includes:
WebKit
Available for: Apple Vision Pro
Impact: Processing malicious web content may lead to arbitrary code execution. Apple is aware of a reported exploit for this issue.
Description: A type confusion issue has been addressed with improved checks.
WebKit Bugzilla: 267134
CVE-2024-23222
So for those expecting the release of Vision Pro on February 2nd, be sure to install version 1.0.2 before you start exploring.
Note: Apple highlights that this security patch has been released for the developer version of VisionOS 1.0.1, but for those receiving Vision Pro, version 1.0.2 will be an available update to version 1.0.
