Wednesday, March 29, 2023

It's all about technology

Apple fixes an exposed and exploited vulnerability

Apple said that a software update it released two weeks ago for iPhone smartphones fixed an exposed security vulnerability, and revealed that the vulnerability had been exploited.

Apple released iOS 16.1.2 on November 30 for all supported iPhones, for iPhone 8 and later. The new version came with important security updates that the company did not specify.

Apple revealed on its security updates page that the update fixed a bug in the WebKit browsing engine that powers its Safari browser and other apps, and by exploiting it, threat actors can run malicious code on a victim’s device.

Apple said Google’s Threat Analysis Group, which investigates spyware, hacking and government-backed cyberattacks, discovered the vulnerability in the WebKit engine.

WebKit vulnerabilities are often exploited when a user visits a malicious domain in their browser, or through browsing pages in other applications. Threat actors seek to exploit vulnerabilities in the browsing engine as a way to break into the operating system and users’ private data. WebKit vulnerabilities can be linked with other vulnerabilities to penetrate multiple layers of a device’s defenses.

Apple said it was aware of the vulnerability exploit in versions of iOS prior to version 15.1, which was released in October 2021. For users of those versions, who have not yet updated to iOS 16, the company has also released version 15.7.2 of iOS and iPadOS. Fixes WebKit vulnerability for those using iPhone 6s and later and some iPad tablet models.

The vulnerability is now being tracked under ID CVE-2022-42856 or WebKit 247562. It is not clear why Apple muted details of the vulnerability for two weeks.

It should also be noted that Apple released two days ago iOS 16.2, which includes end-to-end encryption of data in iCloud backups, in addition to other features.

Get notified whenever we post something new!

Continue reading

Spotify Introduces Niche Mixes for Personalized Playlists: A Comprehensive Guide

Spotify, the popular music streaming platform, has added a new feature that allows users to generate personalized playlists with even greater control

US Regulator Files Lawsuit Against Binance and CEO for Operating “Illegal” Exchange and “Sham” Compliance Program

Binance, the world's largest cryptocurrency exchange, and its CEO and founder Changpeng Zhao have been sued by the U.S. Commodity Futures Trading Commission (CFTC) for operating an "illegal" exchange and "sham" compliance programme.

Why France is Banning All Recreational Apps on Officials’ Phones: TikTok, Facebook, Instagram, and More

The use of TikTok by government officials has been banned in several countries over the past few months, including the Netherlands, Norway, and France. Despite TikTok's assertion that it operates independently and does not share user data with the Chinese government, many governments remain concerned about its security and data protection