Friday, March 29, 2024
HomeSECURITYTwo Critical Vulnerabilities Patched by Apple in Latest iOS and macOS Updates

Two Critical Vulnerabilities Patched by Apple in Latest iOS and macOS Updates

-


Two Critical Vulnerabilities Patched by Apple in Latest iOS and macOS Updates

The researchers have released detailed information about the security holes they found.

In almost every iOS and macOS update, Apple includes many security improvements to address major vulnerabilities. iOS 16.3 and macOS Ventura 13.2, released in January, are no exception. The updates included fixes for a long list of issues, but two of them are particularly interesting.

Trellix Center for Advanced Studies discovered a new class of errors when exercising privileges in iOS and macOS. These errors can be used to view iPhone or Mac user messages, location data, photos, call history, and more.

The first vulnerability (CVE-2023-23530) researchers Trelix discovered in the coreduetd process that could be used to give an attacker access to the user’s calendar, address book, and photos. The second vulnerability (CVE-2023-23531) is in the OSLogService and NSPredicate processes, which could be used to execute code in Springboard, giving attackers access to the camera, microphone, call history, and more.

These vulnerabilities were reported to Apple, and the company quickly patched the exploits in iOS 16.3 and macOS 13.2 Ventura. Trelix representatives specifically thanked Apple for the quick work to fix the problems.

Apple recommends that all iOS and macOS users update their software to the latest version if it hasn’t already happened automatically.



Source link

www.securitylab.ru

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular