Apple fixed a buffer overflow issue with improved memory handling, to mitigate the problem.
The security loophole in question, which was tracked under CVE-2023-41064, could allow maliciously crafted images to lead to arbitrary code execution. The good news is Apple has patched the issue on all 4 operating systems, in order to protect users who have the old devices.
And as it turns out, it appears that iOS 15 and iPadOS 15 were also vulnerable to the security risk. Or was I partially right? According to the release notes that have been published on the company's website, only one of the 2 actively exploited issues that I mentioned in the previous article, were found to impact macOS 11 Big Sur and macOS 12 Monterey.
#AVAST FOR IPHONES UPDATE#
Since Apple had not released an update for older versions of its operating systems last week, I had speculated that the vulnerabilities possibly didn't affect older versions of macOS, but I was wrong. This feature is not available in older versions of iOS, iPadOS, and macOS, so the only way to stay safe is to keep your device up to date with the latest security updates. Interestingly, Apple had confirmed to the folk at Citizen Lab that Lockdown Mode, which is available for the three operating systems, had been successful in preventing the security attack.
#AVAST FOR IPHONES PATCH#
The Cupertino company released a patch a few days ago, to fix the flaws in the iOS 16.6.1, iPadOS 16.6.1, and macOS Ventura 13.5.2 updates. Apple's Security Engineering and Architecture team had acknowledged the bugs, and confirmed the fact that the flaws have been actively exploited by hackers. The researchers had quickly reached out to Apple to report about the issues and to share their findings with the company, to help protect other users from similar targeted attacks. There was not just one, but two security loopholes in the operating systems, that had been targeted by cybercriminals. The experts had also found that the attack used a zero-day, zero-click vulnerability which required no interaction from the user. Researchers at The Citizen Lab at The University of Toronto's Munk School, who had been analyzing an iPhone belonging to a member of a civil society organization in Washington, had discovered that the device was targeted in a Pegasus mercenary spyware attack.
In case you missed it, here's what happened last week.
0 kommentar(er)
