![]() This kind of bug has been exploited in the past by nation-state spyware, first breaking into the device’s web browser in order to gain control of the whole operating system and accessing sensitive data. Security experts are advising users to update any device that could be affected including iPhones from 6S and above, newer iPads, Mac computers using MacOS Monterey, and even some iPod models. One bug could be exploited if the device has accessed or processed “maliciously crafted web content may lead to arbitrary code execution.”Īpple’s support page said that the second bug means malicious actors “may be able to execute arbitrary code with kernel privileges,” which effectively grants full access to the device. This is the second emergency update for iPhones and iPads this month, following a patch earlier in March that fixed a different WebKit flaw.Īpple said this new issue "was addressed by improved management of object lifetimes," although we really can only guess at what that means.Ĭredit for finding the flaw was given to Clément Lecigne and Billy Leonard, both researchers in Google's Threat Analysis Group.The tech giant has said it was “aware of a report that this issue may have been actively exploited,” but did not expand on just how many users had been affected.īoth bugs exist within WebKit, Apple’s browser engine that powers Safari and applications. That would be very bad indeed, as it means that ne'er-do-wells can embed code in websites that can redirect you to malicious websites or even steal information, such as passwords or credit-card numbers, from your browser. The flaw lets a malicious website or web page spark "universal cross-site scripting" in WebKit, says Apple. If an update appears, then click Download and Update. Locate the iPhone's page in either Finder or iTunes, click General or Settings, then click Check for Update. ![]() On Macs running macOS 10.14 Mojave or earlier, open iTunes, where the iPhone should appear. On Macs running macOS 10.15 Catalina or later, the phone should pop up in Finder. ![]() ![]() If there's no Wi-Fi available, you can tether your iDevice to a previously "trusted" computer using a USB cable. You can also force a update by making sure your device is connected to the internet over a local Wi-Fi network, then going to Settings > General > Software Update and tapping Download and Install. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |