1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Apple fixes dangerous iOS flaw that could have let hackers take o

    From TechnologyDaily@1337:1/100 to All on Tue Jan 24 11:30:03 2023
    Apple fixes dangerous iOS flaw that could have let hackers take over your iPhone

    Date:
    Tue, 24 Jan 2023 11:11:36 +0000

    Description:
    Newer iOS devices were patched late last year, but older ones remained vulnerable.

    FULL STORY ======================================================================

    Apple has released a fix to a dangerous security flaw that could have allowed threat actors to completely take over older versions of the iPhone and the iPad.

    The flaw was apparently being used in the wild, but Apple is not sharing any details on exact incidents until the majority of the endpoints apply the patch.

    The patch addresses a confusion weakness vulnerability in Apples Webkit web browser engine. Its tracked as CVE-2022-42856 and allows threat actors to run arbitrary code on target devices which, in theory, could also give them
    access to the entire device. It was given a severity score of 8.8 - High. Active exploitation

    In late 2022, Apple fixed it for Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Now, it expanded the patchs reach
    to a wider set of vulnerable device series, including iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).

    Apple says there are reports of the flaw being actively exploited in the
    wild, but doesnt want to share any details as it might prompt more threat actors to try and abuse it. The media are saying the CVE is most likely used in targeted attacks only, but that shouldnt mean regular consumers shouldnt rush to apply the patch. Read more

    Apple Safari patched to fix potentially dangerous zero-day flaws


    There's a major new security update for iOS and macOS, so update now


    Here's our list of the best identity theft protection tools around

    The fix comes as part of a wider patching event, in which Apple fixed dozens of security flaws found in both its Safari web browser, and the latest iterations of macOS, iOS, and watchOS devices. However, it seems as the CVE-2022-42856 is the only fixed vulnerability being actively exploited in
    the wild.

    We expect Apple to release the details on how crooks were taking advantage of the flaw, and if any malware, infostealers, or trojans, were included. Stay protected online with these best firewalls

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/apple-fixes-dangerous-ios-flaw-that-could-have- let-hackers-take-over-your-iphone


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)