Security News > 2021 > March > Apple emits patches for iOS, macOS, Safari, etc to stop dodgy websites hijacking people's gadgets

Apple emits patches for iOS, macOS, Safari, etc to stop dodgy websites hijacking people's gadgets
2021-03-09 01:07

Apple on Monday released security patches for macOS, iOS, iPadOS, watchOS, and Safari to fix up a vulnerability that can be exploited by malicious web pages to run malware on victims' computers and gadgets.

Apple thanks Clément Lecigne of Google's Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research for reporting the arbitrary code execution security flaw, CVE-2021-1844, which is present in WebKit, the browser engine used by various bits of Cupertino code.

Users should upgrade to Safari 14.0.3, macOS Big Sur 11.2.3, watchOS 7.3.2, iOS 14.4.1, and iPadOS 14.4.1, as necessary.

Google Chrome 89.0.4389.72 includes a fix for the audio flaw as well as 46 other security patches.

Microsoft Exchange: It's estimated that 30,000 organizations, from small biz to government bodies, have been compromised by miscreants exploiting critical security holes in internet-facing Microsoft Exchange server software.

Homomorphic encryption: Intel has pledged to design a chip that accelerates homomorphic encryption in collaboration with Microsoft and the US government's boffinry agency DARPA. The silicon is expected to be commercialized and appear in Microsoft's Azure cloud.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/03/09/apple_security_update/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-04-02 CVE-2021-1844 Out-of-bounds Write vulnerability in multiple products
A memory corruption issue was addressed with improved validation.
network
low complexity
apple debian fedoraproject CWE-787
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349