1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Apple fixes its ninth major zero-day threat of 2022

    From TechnologyDaily@1337:1/100 to All on Tue Oct 25 21:30:04 2022
    Apple fixes its ninth major zero-day threat of 2022

    Date:
    Tue, 25 Oct 2022 20:12:48 +0000

    Description:
    Another day, another out-of-bounds write issue to tackle for Apple.

    FULL STORY ======================================================================

    Apple has released a fix for another new zero-day vulnerability being
    actively used in the wild - bringing the total number of addressed such flaws to nine this year.

    The flaw, discovered in both Apple smartphone and tablet devices, is
    described as an out-of-bounds write issue that threat actors can leverage to run arbitrary code with kernel privileges on vulnerable endpoints , this vulnerability is now tracked as CVE-2022-42827.

    It was reported to the Cupertino tech giant anonymously, Security Affairs reported, and was fixed through improved bounds checking for iOS 16.1 and iPadOS 16. Nine zero-days this year alone

    Apple is aware of a report that this issue may have been actively exploited. Apples security advisory reads.

    Users with an iPhone 8 and newer smartphone , any iPad Pro model, iPad Air
    3rd generation and newer, iPad 5th generation and newer, or iPad mini 5th generation and newer, should apply the latest updates immediately, as they
    are vulnerable to this zero-day.

    This is the ninth zero-day vulnerability that Apple addressed this year,
    after fixing two in January (CVE-2022-22587 and CVE-2022-22594), one in February (CVE-2022-22620), two in March (CVE-2022-22674 and CVE-2022-22675), one in May (CVE-2022-22675), one in August (CVE-2022-32894), and one in September (CVE-2022-32917). Read more

    Apple Safari patched to fix potentially dangerous zero-day flaws


    Apple releases another urgent iOS security patch, so install now


    Here are the best antivirus programs right now

    CVE-2022-32917, fixed last month, allows malicious apps to execute arbitrary code with kernel privileges, just as this latest zero-day. This one, too, was fixed with improved bounds checks.

    iOS 16, Apples latest version of its operating system for mobile phones, was released in mid-September this year. This release brought improvements to
    many apps, from a redesigned Home app for your smart appliances to better privacy features, and a big focus on the lock screen, with new fonts, colors, and themes to choose from. There's also satellite calling coming to the newly-announced iPhone 14 models, a feature coming in November 2022.

    iPadOS 16, the latest version of the operating system designed for tablets, was released yesterday. Check out the best firewalls around

    Via: Security Affairs



    ======================================================================
    Link to news story: https://www.techradar.com/news/apple-fixes-its-ninth-major-zero-day-threat-of- 2022/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)