With macOS 13.2.1 and iOS 16.3.1, Apple also fixed a security breach related to WebKit (the Safari web browser engine) that had been “actively exploited.” But it’s worth keeping in mind that these vulnerabilities have all been fixed with iOS 16.3.1, which is now available to all users. It’s unclear why exactly Apple didn’t mention such security exploits before. Impact: An app may be able to execute arbitrary code out of its sandbox or with certain elevated privilegesĭescription: The issue was addressed with improved memory handling.ĬVE-2023-23530: Austin Emmitt, Senior Security Researcher at Trellix ARC Two other Foundation-related exploits could let attackers execute arbitrary code on the iPhone or iPad with higher privileges, bypassing the app’s sandbox.Īvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later One of the exploits, which was found in the system’s Crash Reporter, could let attackers read arbitrary files as root. Interestingly, the iOS 16.3 security content webpage has also been updated with three new exploits that were fixed with the update. Apple says the DoS problem has been fixed with “improved input validation.” The new exploit listed by Apple that was patched with iOS 16.3.1 is related to a “maliciously crafted certificate” that could lead to a denial-of-service (DoS) attack, when the attacker floods the device or network with traffic to trigger a crash. More security patches listed with iOS 16.3 updatesĪs noted by Aaron on Twitter, Apple has added a new Common Vulnerabilities and Exposures (CVE) for iOS 16.3.1 and three new CVEs for iOS 16.3, which was released in January. Although the company had already detailed these patches on its website, Apple has now updated its security webpage to reveal that there are even more exploits that have been fixed with the latest iOS updates. With the release of iOS 16.3.1 last week, Apple has released multiple security patches for iPhone and iPad users.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |