Security News > 2016 > March > Apple updates its products, fixes iMessages zero-day (Help Net Security)
2016-03-22 18:18
On Monday Apple has pushed out updates for its many products: iOS, OS X, OS X Server, Safari, watchOS, tvOS, and Xcode. Of these, the most eagerly awaited was that for iOS, as it fixes a recently unveiled vulnerability (CVE-2016-1788) that could allow an attacker who is able to bypass Apple’s certificate pinning, intercept TLS connections, inject messages, and record encrypted attachment-type messages to be able to read attachments. The vulnerability was discovered by a … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Y7lWWCbQ6Wk/
Related news
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- Apple fixes this year’s first actively exploited zero-day bug (source)
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
- Apple plugs security hole in its iThings that's already been exploited in iOS (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-03-24 | CVE-2016-1788 | Cryptographic Issues vulnerability in Apple Iphone OS and Watchos Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages. | 5.9 |