Apple iOS 14.8 and iPadOS 14.8 update: An integer overflow was addressed with improved input validation. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
|Vulnerable Product||Search on Vulmon||Subscribe to Product|
apple iphone os
apple mac os x
apple mac os x 10.15.7
Symantec solutions help detect, filter, and block the threat.
Posted: 23 Sep, 20213 Min ReadThreat Intelligence SubscribeFollowtwitterlinkedinPegasus Spyware Takes Flight AgainSymantec solutions help detect, filter, and block the threat.The recent iOS 14.8 update fixes a zero-day, zero-click exploit for a vulnerability affecting every mobile iOS device. The flaw, dubbed FORCEDENTRY (CVE-2021-30860), resided in Apple’s iMessage and, according to a report by The Citizen Lab, was used to push NSO Group...
Get our weekly newsletter Meta adverse to internet mercenaries using its social networks to help governments violate human rights
Facebook successor Meta on Thursday said it canceled 1,500 social media accounts used by seven surveillance-for-hire firms to conduct online attacks against government critics and members of civil society.
These accounts were primarily used to observe targets and lure them into visiting malicious websites, or receiving booby-trapped messages, typically, that compromise their devices and online profiles. Tens of thousands of people potentially targeted by these groups have been privately al...
Apple has patched three actively exploited zero-day security vulnerabilities in updates to iOS and macOS, one of which can allow an attacker to execute arbitrary code with kernel privileges.
Apple released two updates on Thursday: iOS 12.5.5, which patches three zero-days that affect older versions of iPhone and iPod devices, and Security Update 2021-006 Catalina for macOS Catalina, which patches one of same vulnerabilities, CVE-2021-30869, that also affects macOS.
The XNU kernel vul...
Get our weekly newsletter Separate flaw in WebKit also under attack squashed, too – and two zero-days in Chrome, as well
Updated Apple on Monday issued security patches for its mobile and desktop operating systems, and for its WebKit browser engine, to address two security flaws, at least one of which was, it is said, used by autocratic governments to spy on human rights advocates.
A day before the iGiant is expected to announce the iPhone 13, it released updates for iOS 14.8 and iPadOS 14.8, watchOS 7.6.2, and macOS Big Sur 11.6. Previous macOS releases Catalina (10.15) and Mojave (10.14) received updated v...
Get our weekly newsletter Friends are always tellin' me, you're a user ... Just be good to free()
Google's bug hunters say they spotted 58 zero-day vulnerabilities being exploited in the wild last year, which is the most-ever recorded since its Project Zero team started analyzing these in mid-2014.
This is more than double the earlier record of 28 zero-day exploits detected in 2015. And miscreants are still using the same old techniques to get away with their mischief.
"With this record number of in-the-wild zero-days to analyze we saw that attacker methodology hasn't actually ha...
Apple has released security updates to fix two zero-day vulnerabilities that have been seen exploited in the wild to attack iPhones and Macs. One is known to be used to install the Pegasus spyware on iPhones.
The vulnerabilities are tracked as CVE-2021-30860 and CVE-2021-30858, and both allow maliciously crafted documents to execute commands when opened on vulnerable devices.
The CVE-2021-30860 CoreGraphics vulnerability is an integer overflow bug discovered by
Get our weekly newsletter Flaw imperils Safari – and every iOS browser because of Cupertino's T&Cs
Apple on Thursday patched a zero-day security vulnerability in its WebKit browser engine, issuing updates for iOS, iPadOS, and macOS.
Its Safari browser, based on WebKit, received the security update separately for instances where it is being used with an older version of macOS, like Big Sur. Apple's tvOS was also refreshed, but without the security fix.
The updates – iOS 15.3.1, iPadOS 15.3.1, and macOS Monterey 12.2.1 – address CVE-2022-22620, reported to Apple by an anonymous ...