This year, Apple has patched the 15th zero-day vulnerability, which affects both iOS and macOS

This year, Apple has patched the 15th zero-day vulnerability, which affects both iOS and macOS

These were the 15th zero-days targeting macOS and iOS, according to the technology news site SecurityWeek.

Apple has released patches for two zero-day flaws in its iOS and macOS operating systems, warning that these are being actively exploited.

The site, which tracks zero-day attacks, said there had been 64 attacks this year. Twenty have targeted Microsoft products.

The flaws were in the CoreGraphics and WebKit components of the two operating systems.

One was credited to the Citizen Lab research group, and includes an iOS zero-click exploit for iMessage that was used to target activists in Bahrain. Together with another similar exploit, these were given the name FORCEDENTRY by Citizen Lab.

The company provided no detail about the issues, merely saying about the iOS flaws:

“CoreGraphics

“Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

“Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. “Description: An integer overflow was addressed with improved input validation.

“CVE-2021-30860: The Citizen Lab; “WebKit

“Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) “Impact: Processing maliciously crafted Web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

“Description: A use after free issue was addressed with improved memory management. “CVE-2021-30858: an anonymous researcher.”

While the advisory did not say so, both flaws are also found in the macOS Big Sur 11.6 and macOS Catalina versions of the operating system. Contacted for comment, Satnam Narang, a staff research engineer at security firm Tenable, said attackers could exploit CVE-2021-30860, an integer overflow vulnerability in CoreGraphics, by sending a specially crafted PDF file to a target via iMessage.

The News Highlights

  • This year, Apple has patched the 15th zero-day vulnerability, which affects both iOS and macOS
  • Check the latest update on Security news
  • .

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
Wednesday Wallpapers: 2021-09-22 Android Wallpapers
Wednesday Wallpapers: 2021-09-22 Android Wallpapers
For the newest walls as well as all the ones from previous weeks, check out this Drive link. Want to submit your own? Head to the bottom of this article. ...
Avera Marshall Reopens COVID Drive-up Tests As Need Grows |  News, Sports, Jobs
Avera Marshall Reopens COVID Drive-up Tests As Need Grows | News, Sports, Jobs
“If you have symptoms, you should isolate at home until test results are returned,” said Dr. Timothy Mok, urgent care physician with Avera Medical Group ...
India Funds 50 Percent of 1 Million Doses of E Biological Vaccines for Quad
India Funds 50 Percent of 1 Million Doses of E Biological Vaccines for Quad
Japan will continue to help regional partners purchase vaccines through its $3.3 billion Covid-19 Crisis Response Emergency Support Loan. “Australia will ...
Orono business owner cycling to DC to help other bikes access
Orono business owner cycling to DC to help other bikes access
“That program gives people, who otherwise wouldn’t be able to afford a bike, the change to own a bicycle, a helmet, a lock, as well as to get educated on safe ...
With the upgraded Edge browser, Xbox adds additional functionality
With the upgraded Edge browser, Xbox adds additional functionality
It supports a keyboard and mouse and will introduce new capabilities like access to Google Stadia, Discord, web apps, and more reports Engadget. With its ...
Commerce Chenango adds to workers
Commerce Chenango adds to workers
According to media announcements, Brianna Miner joined the organization as a management assistant and receptionist on August 26, and Karri Ann O’Connor ...
At Apple’s iPhone event, App Annie hit with securities fraud, OpenSea goes mobile
At Apple’s iPhone event, App Annie hit with securities fraud, OpenSea goes mobile
The app industry continues to grow, with a record 218 billion downloads and $143 billion in global consumer spend in 2020. Consumers last year also spent 3.5 ...
NFTs through fast food toys with cryptographic collectibles
NFTs through fast food toys with cryptographic collectibles
Or not. But there’s no end to the creative possibilities. For Whopper shoppers of another generation, we’d like to suggest “The Yoko Ono aka Screamer meal” (a ...
Now you can learn 2 languages and get some awesome earbuds in just $50
Now you can learn 2 languages and get some awesome earbuds in just $50
On sale for $50, this bundle gives you the chance to learn two new languages using uTalk, and it comes with some great wireless earbuds from xFyro. If you ...
Fortnite Won’t Be in the iOS App Store
Fortnite Won’t Be in the iOS App Store
The battle between Epic Games and Apple continues. Earlier this month, Judge Yvonne Gonzalez Rogers ruled that Apple must allow App Store developers to ...
Show next
Compsmag - Latest News from tech, business and health
Logo