Apple pushed out iOS 9 Wednesday, addressing a cornucopia of vulnerabilities, including bugs that could lead to arbitrary code execution, credential leakage, interface spoofing, among other issues.
Browsing Category: Apple
There is a major vulnerability in a library in iOS that allows an attacker to overwrite arbitrary files on a target device and, when used in conjunction with other techniques, install a signed app that the device will trust without prompting the user with a warning dialog. The vulnerability lies in a library in both[…]
The iMessage system, like much of what Apple does, is mostly a black box. The company doesn’t talk much about how the system works, and although some security researchers found a couple years ago that Apple could read users’ encrypted messages if they so choose, law enforcement has had no luck in getting Apple to open[…]
Researchers have discovered a new strain of iOS malware dubbed KeyRaider that targets jailbroken devices and has the ability to steal certificates, private keys, and Apple account information. The malware already has claimed the private Apple account data of more than 225,000 victims. The KeyRaider malware was discovered by researchers at Palo Alto Networks, who[…]
A patched iOS vulnerability can be exploited to allow malicious apps to bypass background restrictions and exploit Apple devices.
Apple pushed out a new version of QuickTime that patched nine vulnerabilities, including a handful of denial of service and code execution bugs.
Apple patched an issue last week in iOS that could have allowed attackers to bypass the third-party app-sandbox protection mechanism on devices and read arbitrary managed preferences via a special app.
Italian researcher Luca Todesco explains how exploiting two vulnerabilities in OS X gain enable root access for a hacker. He won’t, however, say why he went public with details and exploit code before Apple patched.
A publicly disclosed zero day in current version of Apple OS X remains unpatched.
Apple released hordes of patches for OS X, iOS, Safari and iOS Server, including fixes for the DYLD vulnerability disclosed in July.