1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • There's a major new security update for iOS and macOS, so update

    From TechnologyDaily@1337:1/100 to All on Thu Aug 18 21:00:04 2022
    There's a major new security update for iOS and macOS, so update now

    Date:
    Thu, 18 Aug 2022 19:33:02 +0000

    Description:
    Apple fixes a number of security flaws affecting macOS, iOS, and iPadOS devices

    FULL STORY ======================================================================

    Apple has released macOS Monterey 12.5.1, iOS 15.6.1, and iPadOS 15.6.1 which addresses two zero-day vulnerabilities being actively exploited in the wild.

    One of the flaws, affecting all three forms of the software is an out-of-bounds write vulnerability in the OS Kernel which can be abused to grant malicious applications highest privileges - in other words, an attacker could use it to fully take over a vulnerable endpoint .

    The second vulnerability, tracked as CVE-2022-32893, is an out-of-bounds
    write flaw in WebKit, Safaris engine used by other apps with web access. This can also be used to take over a vulnerable device, as it allows threat actors to perform arbitrary code execution. Keep your devices safe

    The company said it had been tipped off to the flaws by an anonymous user tipped Apple off, adding that it improved had bounds checking for both bugs.

    If your organization runs either Macs with macOS Monterey, iPhone 6s or later devices, all iPad Pros, iPad Air 2 and newer devices, iPads 5th gen and beyond, iPads mini 4 and newer, or iPod touch 7th generation devices, you should patch immediately, especially because the flaws are being actively exploited. Read more

    Apple rolls out emergency patch for gaping security hole in Macs, Watches


    Apple just patched a whole load of iPad, macOS and iPhone security bugs,
    so update now


    Remove viruses and ransomware with the best malware protection software
    around

    Apples been quite busy fixing zero-day vulnerabilities in recent months. In January 2022, it fixed two such flaws, namely CVE-2022-22578, and CVE-2022-22594, which allowed arbitrary code execution with kernel
    privileges. A month later, it fixed another zero-day, affecting iPhones, iPads, and Macs, and allowing threat actors to crash the OS and run remote code execution.

    In March, it patched CVE-2022-22674, and CVE-2022-22675, both zero-days
    abused to execute code with Kernel privileges. These are the best firewalls around

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/theres-a-major-new-security-update-for-ios-and- macos-so-update-now/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)