acm-header
Sign In

Communications of the ACM

ACM TechNews

Apple Fixes Another 3 iOS Zero-Days Exploited in the Wild


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
The Apple logo sporting bandages.

Apple has released security updates for iOS to patch three zero-day vulnerabilities that were exploited in the wild.

Credit: latesthackingnews.com

Apple has released patches for three iOS zero-day vulnerabilities that were exploited in the wild, and reported by an anonymous researcher.

One exploit affects the iOS operating system (OS) kernel, and was described as a race condition bug that permits hackers to elevate privileges for their attack code.

The other two flaws were found in the WebKit browser engine, and characterized as logic issues that could enable remote attackers to execute malware inside users' Safari browsers.

Security experts think the zero-days are part of an exploit chain in which users are drawn to a malicious site that exploits the WebKit bug to run code that later escalates its privileges to run system-level code and compromise the OS.

From ZDNet
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found