Detecting an extremely dangerous vulnerability on nearly 16,000 iOS applications
ZipperDown, a serious security vulnerability that exists in iOS apps, was discovered by a group of security experts called Pangu Lab. Taking advantage of this vulnerability, hackers can overwrite data or run dangerous code on the application. Users' devices may be in danger if downloaded one of the applications that has ZipperDown attached.
According to security experts, there are about 9,978 iOS applications that exist in the aforementioned flaws, accounting for about 10% of existing iOS applications on the App Store. Notably, apps with high download volume and users of over 100 million people like Instagram, Amazon, Twitter and Dropbox are likely to be affected by ZipperDown, while apps like Weibo, QQ Music, MOMO, NetEase Music, and Kwai, . have been identified as containing vulnerabilities long ago.
Depending on the application, hackers can exploit vulnerabilities to attack in different directions, but the most common is still control and fake connection to the device to enable remote malicious code via the network. cord.
Developers need to contact the Pangu team to verify if their application contains a vulnerability, thus finding a suitable solution.
See more:
- Intel's chip has eight new serious vulnerabilities
- Detecting zero-day vulnerabilities in Internet Explorer helps hackers gain control of the computer
- Only charging the battery through a computer, your iPhone may also be hacked
You should read it
- 5 common errors in managing security vulnerabilities
- HP publishes a series of critical vulnerabilities in the Teradici PCoIP protocol
- How to scan websites for potential security vulnerabilities with Vega on Kali Linux
- Microsoft introduced a tool to fix security holes in IE 9 and 10
- How to fix BlueKeep security error for Windows 2003, Windows XP, Windows 7, Windows Server 2008
- 6 enterprise security holes to note
- Immediately fix critical vulnerabilities in Windows NTLM security protocol
- The Mail app on iOS has serious vulnerabilities
May be interested
- Detecting WhatsApp flaws allows an attacker to access files on the machinethis is a cross-site scripting (xss) vulnerability.
- Detecting an 8-year-old security flaw, affecting 150 HP printer modelsresearchers have discovered several security vulnerabilities affecting at least 150 models of hp multifunction printers (print, scan, fax).
- How to detect malicious apps on Androidinstalling applications outside of google play is often potentially risky, making users more likely to steal personal data and money. therefore, the detection of malicious applications on android phones will help you distinguish what will be a safe application, where the application contains malicious code, thereby minimizing the download of dangerous applications. security and protection of android devices become safer.
- Detecting a Google Drive vulnerability could allow hackers to trick users into installing malwarean unresolved security weakness in google drive can be exploited by software attackers to distribute malicious files.
- Specter V2 vulnerability re-appears to attack Intel, Arm CPUs, AMD chips are not affectedsecurity research team vusec and intel have just released a notice of a dangerous remote execution vulnerability of the specter class, known as branch history injection or bhi.
- Extremely dangerous zero-day vulnerability on Chrome: Users update now!immediately after clicking on the phishing link in the email, the user's system is immediately compromised.
- 13 popular applications have serious security vulnerabilities, users need to update immediatelyapple and the citizen lab have just discovered a serious security vulnerability, affecting a series of popular applications and millions of internet users.
- Google discovered a dangerous zero day vulnerability on many Samsung Galaxy, Huawei, Xiaomi and even Pixel phonesthis vulnerability affects many major phone companies including huawei p20, pixel 1 and pixel 2, xiaomi, samsung with galaxy s7, s8 and s9 ... and most likely exploited by hackers.
- The new Specter vulnerability appears to be a new variant that easily 'crashes' secure partitions created by Intel SGXresearchers from the ohio state university have discovered a new dangerous variant of the specter vulnerability called sgxpectre with the ability to exploit information from safe partitions created by intel sgx.
- Detecting serious security flaws that exist for more than 19 years on WinRAR, can affect 500 million userson february 20, security experts at check point discovered a very dangerous vulnerability that existed inside the library of winrar code over the past 19 years, allowing hackers to broadcast it. a malicious code and plugged into a user's computer to perform malicious purposes.