Apple has fixed the tenth zero-day vulnerability since the beginning of the year in security updates that were released today. This latest one was actively used in attacks against iPhones.
In security bulletins released today for iOS/iPadOS 15.7.2, Safari 16.2, tvOS 16.2, and macOS Ventura 13.1, Apple warned that the flaw “may have been actively exploited” against earlier versions.
The bug (CVE-2022-42856) is a type confusion issue in Apple’s WebKit web browser engine.
Clément Lecigne of Google’s Threat Analysis Group discovered the flaw, which made it possible for maliciously crafted web content to execute arbitrary code on a vulnerable device.
Through arbitrary code execution, a malicious site may be able to execute commands in the operating system, spread additional spyware or malware, or carry out other malicious activities.
With improved state handling, Apple addressed the zero-day vulnerability in the iPhone 6s, iPhone 7, iPhone SE (1st generation), iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
Patch your iPhones, iPads, and macOS Ventura
Despite Apple’s admission that threat actors actively exploited the vulnerability, the company has not provided any additional information about the attacks.
Nevertheless, as the flaw was found by Clément Lecigne of Google’s Threat Analysis Group, we will probably learn more in a future blog post.
Delaying the disclosure of information frequently gives users the opportunity to patch their devices before other threat actors analyze the fixes and develop their own exploits.
Even though this zero-day flaw was probably used in very specific attacks, it is still recommended that you install the most recent security updates as soon as you can.
This is the tenth zero-day fixed by Apple since the start of the year:
Full details are on Apple’s website:
https://support.apple.com/en-us/HT213531#:~:text=Google%20V8%20Security-,WebKit,-Available%20for%3A%20iPhone