Apple Patches Zero-Day Vulnerability That Could Let iPhones, iPads, and MacBooks Get Hacked
The first zero-day vulnerability is tracked as CVE-2022-22587. This is a memory corruption bug in IOMobileFrameBuffer that affects iOS, iPadOS, and macOS Monterey.
An attacker who successfully exploits this vulnerability can execute arbitrary code with kernel privileges on the victim's device.
"Apple has received notice that this vulnerability is being actively exploited by hackers," Apple said.
Below is a list of devices affected by CVE-2022-22587:
- iPhone 6s and up
- iPad Pro (all models)
- iPad 5th generation or later
- iPad mini 4 or later and iPod touch (7th generation)
- Devices running macOS Monterey
The vulnerability was found by an anonymous security researcher, MBition - Mercedes-Benz Innovation Lab researcher Meysam Firouzi and researcher Siddharth Aeri.
Both Firouzi and Aeri shared that they found this vulnerability through independent research, not knowing that hackers were actively exploiting it.
The second zero-day vulnerability is a Safari WebKit bug in iOS and iPadOS that allows websites to track a user's browsing activity and identity in real time.
The vulnerability was reported to Apple by Martin Bajanik of FingerprintJS on November 28, 2021, and made public on January 14, 2022. After the researcher revealed it, it was assigned the identifier CVE-2022-22594 and patched in the newly released iOS 15.3 and iPadOS 15.3 update.
These are the first zero-day vulnerabilities to be patched by Apple in 2022.