Apple has released an update to patch a series of vulnerabilities in iOS, macOS, Safari and many other platforms, update now!

Apple released patches for a range of simple to serious vulnerabilities that have been confirmed on iOS and macOS platforms, Safari, watchOS, tvOS and iTunes.

Apple recently released a patch for a series of simple to serious vulnerabilities that have been confirmed on iOS and macOS platforms, Safari, watchOS, tvOS and iTunes. The most dangerous case is a flaw in WebKit that allows an attacker to gain access, hijack the device and execute code remotely.

More specifically, among all the vulnerabilities that have been tagged with the CVE identifier on Apple's service platforms, there are 30 cases affecting iOS, 11 cases affecting Safari and 27 vulnerabilities exist in macOS. For its part, Apple recommends that global users quickly update to iOS 13.4, Safari 13.1 and macOS Catalina 10.15.3 to limit the risks from the aforementioned vulnerabilities.

Apple has released an update to patch a series of vulnerabilities in iOS, macOS, Safari and many other platforms, update now! Picture 1

Apple is often very tight-lipped when it comes to details of vulnerabilities in security updates, but this time is the exception. Cupertino has outlined eight critical vulnerabilities that have just been patched in Apple's WebKit browser tool that could allow hackers to deploy a variety of malicious activities, from cross-site scripting (XSS) attacks. to remote code execution in iOS and Safari.

The most serious of these is a flaw in WebKit that has the identifier CVE-2020-3897. It is dangerous in that it can be abused to remotely execute code on the device, but also requires victim interaction. Specifically, a hacker must trick the victim into accessing a malicious website or opening a malicious file.

'This vulnerability allows remote attackers to execute arbitrary code on the affected settings of Safari, and exists in the object conversion buffer. By taking actions in JavaScript, an attacker can take advantage of this vulnerability to execute code in the context of the current process, 'said Dustin Childs, head of the Zero Day Initiative security team.

Update your Apple platforms / services to the latest version for your own safety.

4.8 ★ | 4 Vote | 👨 879 Views
« PREV POST
NEXT POST »