Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11The researcher released code that exploits the iOS Kernel vulnerability
Adam Donenfeld, a researcher at mobile security company Zimperium, has released the POC code for zIVA - a kernal vulnerability affecting iOS 10.3.1 and earlier.
The zIVA exploit code allows the RW (Read Write) attacker to randomly and root the device.
Apple has patched since May
Apple has handled eight critical weaknesses of this vulnerability in the security patch package released in May. One of them affected the IOSurface kernel extension, and the other 7 weaknesses affected the AppleAVI Driver kernel extension.
The kernel kernel vulnerability helps the root exploit of the device
Even if Apple released the security patch, they also asked Donenfeld to complete the release of the exploit code to allow the user time to upgrade the device first.
Explaining the reasons for his research, Donenfeld said that he was 'trying to understand the kernel area that had never been thoroughly studied'. His research eventually led him to AppleAVE.
'AppleAVE is written but ignores basic security issues, the vulnerability described below is enough to occupy the kernel, random RW rights and root device', he said.
The code is exploited on GitHub
Donenfeld prepared a talk about these eight holes at the Singapore security conference - Hack In The Box. He works for Zimperium, the company discovered the famous Stagefright vulnerability on Android.
In February 2017, Zimperium introduced a program called N-Day, in which they proposed to buy zero-day vulnerabilities that were used and stopped working, avoiding public disclosure before patching. given. ZIVA exploit code is available on GitHub at this address.https://github.com/doadam/ziVA
Micah SotoYou should read it
- Immediately patch CWP vulnerability that allows code execution as root on Linux servers
- Find bug in Emotet malware, prevent it from spreading for 6 months
- GitHub's machine learning tool can detect vulnerabilities in code
- McAfee software has a vulnerability that allows hackers to run code with system privileges on Windows
- Find security holes on every site with Nikto
- Linux kernel vulnerability exposes Stack memory, causing local data leak
- Discover new Zero-Day vulnerabilities that target bugs in Windows 10 Task Scheduler
- Mac computers stuck with a dangerous security vulnerability, Apple was announced in February but has not yet resolved
May be interested
- Hacker revealed the second Zero-Day, broke Windows' EoP vulnerability patch
a security researcher with a nickname sandboxescaper recently publicly shared a second zero-day exploit, which can be used to break up an advanced security patch for a privileged vulnerability that is only currently available. here in microsoft windows operating system. - Google Chrome has a serious zero-day error, and hackers can execute malicious code at its fullestthis vulnerability allows hackers to bypass the content security policy (csp) rules that were released in chrome 73. luckily, google has a patch for this vulnerability now.
- What's new in Linux Kernel 5.18?one of the big changes in the linux kernel 5.18 is the inclusion of the intel software defined silicon (sdsi) driver in the main kernel.
- VMware patches RCE Spring4Shell vulnerability on a wide range of productsvmware has released a number of security updates to patch remote code execution for a dangerous vulnerability called spring4shell in the company's virtual machine and cloud products.
- Find bug in Emotet malware, prevent it from spreading for 6 monthsaccording to researcher james quinn of the security firm binary defense, like other software, malicious code also has vulnerabilities, error codes. hackers can exploit software vulnerabilities to cause harm, security experts can also decompile the source code of malicious code to find the vulnerability to exploit and defeat the malicious code.
- Microsoft will release Linux 'genuine' Linux kernel with Windows 10 WSLmicrosoft will start 'shipping' a built and customized linux kernel (linux kernel), first applied to windows 10 insider builds this summer. it is known that this kernel will act as a backbone of windows subsystem for linux 2.0 or wsl2.
- What's new in Linux Kernel 5.9?linus torvalds has announced the new, stable linux kernel 5.9. this linux kernel version is a major release of hardware, graphics, and many other performance updates.
- GitHub's machine learning tool can detect vulnerabilities in codegithub's tool will help eliminate common security holes before the code is put into the final stage.
- How to fix Kernel Data Inpage Error on Windowskernel data error inpage error (stop code 0x0000007a) occurs due to bad sectors, viruses, hard drives or ram errors caused.
- Learn about the Linux Kernel and their main functionswith more than 13 million lines of code, the linux kernel is one of the largest open source projects in the world, but what exactly are they and what do they do in the system?
Tech info
- OneDrive for Android updates with Office Lens
- Latest Skype feature will make programmers interested
- Latest updates of Google Docs, Sheets & Slides that you still expect
- Discover two important zero-day vulnerabilities in Foxit PDF Reader
- Check out the virtual reality glasses that Facebook registered for patents
- Secret chips can be hidden in the device to spy on and hijack smartphones
OneDrive for Android updates with Office Lens
Latest Skype feature will make programmers interested
Latest updates of Google Docs, Sheets & Slides that you still expect
Discover two important zero-day vulnerabilities in Foxit PDF Reader
Check out the virtual reality glasses that Facebook registered for patents
Secret chips can be hidden in the device to spy on and hijack smartphones