Tuesday, October 25, 2022

Apple rushes out patch for iPhone and iPad 0-day reported by anonymous source


The phrase Zero Day can be spotted on a monochrome computer screen clogged with ones and zeros.

Enlarge (credit: Getty Images)

Apple on Monday patched a high-severity zero-day vulnerability that gives attackers the ability to remotely execute malicious code that runs with the highest privileges inside the operating system kernel of fully up-to-date iPhones and iPads.

In an advisory, Apple said that CVE-2022-42827, as the vulnerability is tracked, “may have been actively exploited,” using a phrase that’s industry jargon for indicating a previously unknown vulnerability is being exploited. The memory corruption flaw is the result of an “out-of-bounds write,” meaning Apple software was placing code or data outside a protected buffer. Hackers often exploit such vulnerabilities so they can funnel malicious code into sensitive regions of an OS and then cause it to execute.

The vulnerability was reported by an “anonymous researcher,” Apple said, without elaborating.

Read 4 remaining paragraphs | Comments

Reference : https://ift.tt/rsdmTKL

No comments:

Post a Comment

NATO’s Emergency Plan for an Orbital Backup Internet

On 18 February 2024, a missile attack from the Houthi militants in Yemen hit the cargo ship Rubymar in the Red Sea. With the crew evacu...