Flaw posed remote code execution risk
Apple has resolved a certification validation vulnerability affecting both macOS and iOS users. The (CVE-2017-2485) vulnerability posed a remote code execution risk on affected systems, which created a potential mechanism for hackers to craft exploits that pushed malware on to otherwise patched iThings. The flaw – discovered and responsibly disclosed by security researchers from Cisco Talos – stemmed from bugs in the X.509 certificate validation functionality of Apple macOS and iOS. Improper...