“A booby trapped web page can trick iPhones, iPads and Macs into running unauthorised and untrusted software code,” according to software form Sophos. There are actually two security vulnerabilities identified, the more dangerous of the two is to an HTML rendering tool called WebKit. “The company said it is aware of reports of attackers actively exploiting the bug,” that site reports. Mac: System Preferences > Software UpdateĪnd do this ASAP, because security blog Dark Reading says the vulnerability is already being exploited in the wild. APPLE IOS SECURITY UPDATEIPhone and iPad: Settings > General > Software Update APPLE IOS SECURITY HOW TOThe Verge explains how to update your Apple software, which is thankfully simple: APPLE IOS SECURITY PROIn typical frustrating Apple language, they downplay it with the technical terminology that “An application may be able to execute arbitrary code with kernel privileges.” But Apple is at least more clear on which devices can be affected, which per Apple, are “iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)” But that’s where we are, as CNN reports that an Apple security vulnerability has been discovered, one so severe that the DHS’ Cybersecurity & Infrastructure Security Agency says “An attacker could exploit one of these vulnerabilities to take control of an affected device.” Less than three weeks before introducing the newest iPhone is not the best time for Apple to announce that a massive security problem has been found in the last several years' newest iPhones. Impact: Processing maliciously crafted web content may lead to arbitrary code executionĭescription: A buffer overflow issue was addressed with improved memory handling.ĬVE-2022-32886: P1umer, afang5472, xmzyshypncĭescription: An out-of-bounds read was addressed with improved bounds checking.A newly discovered security exploit is already taking over iPhones, iPads, and other Apple devices in the wild, and Apple people should drop everything and get the latest software update. Impact: A person with physical access to an iOS device may be able to access photos from the lock screen Impact: A website may be able to track users through Safari web extensionsĭescription: A logic issue was addressed with improved state management. Impact: Visiting a malicious website may lead to address bar spoofingĬVE-2022-32795: Narendra Bhati of Suma Soft Pvt. Impact: A user may be able to elevate privilegesĭescription: A memory corruption issue was addressed with improved input validation. Impact: An app may be able to read sensitive location informationĭescription: A logic issue was addressed with improved restrictions.ĬVE-2022-32883: Ron Masas, Apple is aware of a report that this issue may have been actively exploited.ĭescription: The issue was addressed with improved bounds checks. Impact: An application may be able to execute arbitrary code with kernel privileges. Impact: An app may be able to disclose kernel memoryĬVE-2022-32864: Linus Henze of Pinauten GmbH () Impact: An app may be able to execute arbitrary code with kernel privilegesĭescription: The issue was addressed with improved memory handling. Impact: An app may be able to bypass Privacy preferencesĭescription: This issue was addressed with improved checks.ĬVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |