Eblogtip.com
  • Categories
    • News
    • Technology
    • Domains
    • Hosting
    • Promotions

Archives

  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • December 2022

Categories

  • News
  • Technology
  • Uncategorized
eBlogTip
  • Categories
    • News
    • Technology
    • Domains
    • Hosting
    • Promotions
  • News

The US government is having to patch a whole lot of iPhones

  • May 23, 2023
Total
0
Shares
0
0
0


All Federal Civilian Executive Branch Agencies (FCEB) have until June 12 this year to patch a whole lot of Apple-made devices and thus protect their employees and systems from vulnerabilities allegedly being exploited in the wild.

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued a new order, telling FCEB organizations to secure their endpoints against three known vulnerabilities: CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373.

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA said in a statement.

WebKit woes

Apple recently published a security advisory detailing the discovery of three flaws in its WebKit browser engine. WebKit is Apple’s browser engine best known for being the underlying technology in the Safari web browser, as well as being used in all web browsers on iOS and iPadOS. As such, WebKit is an attractive target for threat actors looking for vulnerabilities that can be used to grant access to the target endpoint.

One is a sandbox escape flaw, one an out-of-bounds read flaw that allows threat actors unabated access to sensitive information, and one a use-after-free vulnerability allowing for arbitrary code execution. All three were fixed with improved bounds checks, input validation, and memory management.

Here’s the full list of affected endpoints:

  • iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), iPod touch (7th generation), and iPhone 8 and later
  • iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
  • Macs running macOS Big Sur, Monterey, and Ventura
  • Apple Watch Series 4 and later
  • Apple TV 4K (all models) and Apple TV HD

To secure their devices, the FCEBs should update them to macOS Ventura 13.4, iOS and iPadOS 16.5, tvOS 16.5, watchOS 9.5, and Safari 16.5.

While Apple did not say who was exploiting these flaws and to what end, BleepingComputer says given they were discovered by Google’s Threat Analysis Group and Amnesty International’s Security Lab, they were most likely used by state-sponsored threat actors.

Via: BleepingComputer


Source link

Total
0
Shares
Share 0
Tweet 0
Pin it 0
Previous Article
  • Technology

Solana launches ChatGPT plugin to help users interact with its network

  • May 23, 2023
View Post
Next Article
  • Technology

Former Apple engineer’s Mimestream app is a nifty Gmail client for Mac

  • May 23, 2023
View Post
You May Also Like
View Post
  • News

LG to launch new smart monitors that can open documents without a PC —but shame they’re not 4K

  • September 23, 2023
View Post
  • News

ICYMI: the 9 biggest tech stories of the week, from iPhone reviews to new Amazon Alexa AI

  • September 23, 2023
View Post
  • News

Sliced and diced – thousands of Pizza Hut customers hacked and password stolen

  • September 23, 2023
View Post
  • News

Quordle today – hints and answers for Saturday, September 23 (game #607)

  • September 22, 2023
View Post
  • News

Apple HomePod finally gets hands-free Spotify thanks to this iOS 17 workaround

  • September 22, 2023
View Post
  • News

Switching to an iPhone 15 from an older iPhone? Do this first and thank us later

  • September 22, 2023
View Post
  • News

This malicious fake YouTube app could hijack your phone and record all your secrets

  • September 22, 2023
View Post
  • News

Google’s iPager ad again blames Apple for green bubbles and other messaging woes

  • September 22, 2023

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

eBlogTip.com
  • Categories

Input your search keywords and press Enter.