![]() ![]() The organization has been active in uncovering and publicizing vulnerabilities that can be utilized in surveillance activities, and is well-known for exposing spyware makers such as NSO Group. ![]() In its postings, Apple added that it “would like to acknowledge The Citizen Lab at The University of Toronto’s Munk School for their assistance,” though didn’t specify which issue or issues The Citizen Lab had assisted with. The security fixes also address a kernel vulnerability (CVE-2023-23514) in iOS, iPadOS and macOS Ventura that was discovered by researchers at Google Project Zero, and a shortcuts vulnerability (CVE-2023-23522) in macOS Ventura. In security updates posted online on Wednesday and Thursday, Apple said the vulnerability affects iPhones dating back to the 6S model, iPad 5th generation and later, iPad Air 2 and later, iPad. It was discovered by an anonymous researcher, according to the company. In January, Apple released iOS 16.3 and macOS 13.2, along with other software updates.However, the release notes only mentioned the new iOS 16.3 features like the new unity wallpaper, Security. Updates macOS 13.2.1, iOS 16.3.1, iPadOS 16.3.1, and Safari 16.3.1 fix the flaw, tracked as CVE-2023-23529, which may allow maliciously crafted. The vulnerability has been characterized as a type confusion issue, which was addressed through “improved checks,” Apple said. Apple has released iOS 16.2, the latest software update for iPhone and iPad, which fixes multiple security vulnerabilities, including several that could allow cyber attackers to run. Apple this week released bug-splatting updates to its operating systems and Safari browser, to fix a zero-day vulnerability in its WebKit browser engine thats reported to have been actively exploited. The flaw affects iPhone models as far back as iPhone 8, Macs running macOS Ventura and numerous iPad models.ĬISA said it’s urging administrators and users to review the information posted by Apple and “apply the necessary updates as soon as possible.” In its notes on the WebKit vulnerability, Apple said that it’s “aware of a report that this issue may have been actively exploited.” ![]() In an advisory Tuesday, CISA drew attention to the issue by noting that “an attacker could exploit these vulnerabilities to take control of an affected device.” The vulnerability “may have been actively exploited,” Apple said. Security support documents for both updates were refreshed yesterday. On Monday, Apple released iOS 16.3.1, iPadOS 16.3.1 and macOS Ventura 13.2.1 in response to the discovery of the zero day WebKit vulnerability, which is being tracked at CVE-2023-23529. Data about these vulnerabilities was relayed to Apple, and the company fixed the exploits in iOS 16.3 and macOS 13.2 Ventura. Cybersecurity and Infrastructure Security Agency (CISA) said Tuesday it’s encouraging the deployment of Apple updates “as soon as possible” for a vulnerability affecting iPhones, Macs and iPads. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |