Serious iOS Vulnerability Patched in iOS 16.1; Possible active exploits


If you haven’t updated to iOS 16.1 yet, you may want to do so sooner rather than later: one of the changes is the zero-day vulnerability patch. Apple says the vulnerabilities may be in active use.

The vulnerability is the kind that hackers often exploit to enable them to run malicious code on target devices…

Apple listed it as a vulnerability in the kernel.

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: The application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue has been actively exploited.

Description: A write out of bounds issue was addressed with improved bounds checking.

CVE-2022-42827: Unidentified Researcher

So-called zero-day vulnerabilities are those discovered by others before the company itself knew them. Arstechnica He says that brings the number of zero-day vulnerabilities known to Apple this year to eight or nine.

This spreadsheet maintained by Google researchers showed that Apple has set seven zero days so far this year, not including CVE-2022-42827. Counting the latter would bring Apple’s zero-day total for 2022 to eight. However, Bleeping Computer said CVE-2022-42827 is Apple’s ninth zero-day fix in the past 10 months. […]

Along with CVE-2022-42827, the updates fix 19 other vulnerabilities, including two in the kernel, three in the Point-to-Point protocol, two in WebKit, and one in AppleMobileFileIntegrity, Core Bluetooth, IOKit, and a sandbox iOS this.

As with any zero-day vulnerability, the risk to the average user is minimal. Most zero days are reported by security researchers or sold to nation states by hackers – and then will generally be used in targeted attacks against specific individuals. However, the risk of large-scale attacks is always there, so it is always a good idea to keep your devices up to date.

In addition to security fixes, iOS 16.1 brings support for Live Activities, Clean Power Charging, iCloud Shared Photo Library, and more. Check out the full release notes here. If you are running the trial version, you will need to uninstall it first.

Photo: PxHere

FTC: We use affiliate links to earn income. more.


Check out 9to5Mac on YouTube for more Apple news:



Source link

Write a Reply or Comment

Your email address will not be published. Required fields are marked *