Security News > 2016 > March > Apple updates its products, fixes iMessages zero-day (Help Net Security)

Apple updates its products, fixes iMessages zero-day (Help Net Security)
2016-03-22 18:18

On Monday Apple has pushed out updates for its many products: iOS, OS X, OS X Server, Safari, watchOS, tvOS, and Xcode. Of these, the most eagerly awaited was that for iOS, as it fixes a recently unveiled vulnerability (CVE-2016-1788) that could allow an attacker who is able to bypass Apple’s certificate pinning, intercept TLS connections, inject messages, and record encrypted attachment-type messages to be able to read attachments. The vulnerability was discovered by a … More →


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Y7lWWCbQ6Wk/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2016-03-24 CVE-2016-1788 Cryptographic Issues vulnerability in Apple Iphone OS and Watchos
Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages.
network
high complexity
apple CWE-310
5.9

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349