Patches were also released for Apple’s Mac operating systems Big Sur and Monterey, as well as Safari 16.1, watchOS 9.1 and tvOS 16.1. Users of the iPhone and iPads are urged to download the updates and patch their devices as soon as possible. Sophos’ Paul Ducklin put it succinctly at Naked Security: “Apple hasn’t said which cybercrime group or spyware company is abusing this bug, dubbed CVE-2022-42827, but given the high price that working iPhone zero-days command in the cyberunderworld, we assume that whoever is in possession of this exploit knows how to make it work effectively and is unlikely to draw attention to it themselves, in order to keep existing victims in the dark as much as possible.”Īs BleepingComputer noted in its reporting, this is the ninth zero-day vulnerability used in attacks against iPhones since the start of the year. The fixes are for iPhone 8 and later, as well as all iPad Pro models, iPad Air 3rd generation or later, iPad 5th generation or later and iPad mini 5th generation or later.Īs a number of tech media and security blogs have reported, Apple has not shared much specifics about the vulnerability and acknowledged only an anonymous researcher for discovery. Similar to past security updates this year, the most recent zero-day ( CVE-2022-42827) allowed arbitrary code execution with kernel privileges and was addressed by improving bounds checking. (Photo by Justin Sullivan/Getty Images)Īpple issued a slew of security updates to go along with its new operating systems for its Macs and devices this week.Īs Sophos’ Naked Security blog noted, Apple made over 100 security updates Monday for its newly released macOS 13 Ventura.īut the most serious security issues from the Cupertino, California-based tech giant were for a zero-day vulnerability in the operating systems for iPhones and iPads, which have been actively exploited in the wild. Apple announced that it had issued defensive software patches in iOS 14.8 and. Security researchers at Citizen Lab have discovered an exploit that they believe has been used by government clients of NSO Group, the Israeli spyware company, to silently hack into iPhones. Apple released a number of security updates this weeks for its products, including patches for the latest zero-day vulnerability to affect its iPhones and iPads. They said that this spyware affected all Apple devices, including iPhones.
0 Comments
Leave a Reply. |