Security News

Apple has released a security update for older iDevices to fix three vulnerabilities, two of which are zero-days that are apparently actively exploited in attacks in the wild. The security update is iOS 12.5.4, which can still be run on older iDevices: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch.

Apple issued two out-of-band security fixes for its Safari web browser, fixing zero-day vulnerabilities that "May have been actively exploited," according to a Monday security bulletin by the company. The bugs affect sixth-generation Apple iPhones, iPads and iPod touch model hardware, released between 2013 and 2018.

Apple has fixed two iOS zero-day vulnerabilities that "May have been actively exploited" to hack into older iPhone, iPad, and iPod devices. Webkit is a browser rendering engine used by Apple web browsers and applications to render HTML content on desktop and mobile platforms, including iOS, macOS, tvOS, and iPadOS. Attackers could exploit the two vulnerabilities using maliciously crafted web content that would trigger arbitrary code execution after being loaded by the targets on unpatched devices.

Apple on Monday shipped out-of-band security patches to address two zero-day vulnerabilities in iOS 12.5.3 that it says are being actively exploited in the wild. The latest update, iOS 12.5.4, comes with fixes for three security bugs, including a memory corruption issue in ASN.1 decoder and two flaws concerning its WebKit browser engine that could be abused to achieve remote code execution -.

Apple late Monday shipped an out-of-band iOS update for older iPhones and iPads alongside a warning that a pair of WebKit security vulnerabilities may have been actively exploited. As is customary, Apple did not provide details on the zero-day attacks, which appear to be aimed at a range of older models of Apple flagship iPhone devices.

Seeking to protect its image as a guardian of personal privacy, Apple maintains it was blindsided and handcuffed by a Trump administration probe that resulted in the company handing over phone data from two Democratic congressmen. Apple also upped the privacy ante in April when it rolled out privacy controls on the iPhone as part of an effort to make it more difficult for companies such as Facebook to track people's online activities to help sell ads.

Brandon Vigliarolo talks to Karen Roby about the new privacy features that Apple revealed during the keynote of WWDC 2021.

Apple on Monday announced a number of privacy and security-centric features to its upcoming versions of iOS and macOS at its all-online Worldwide Developers Conference. Users can either opt to update to the latest version of iOS 15 for all the latest features and most complete set of security updates or continue on iOS 14 and still get important security updates until they are ready to migrate to the next major version.

On Monday, at its 2021 Worldwide Developers Conference, Apple unveiled several privacy features that are coming with its new iOS 15, iPadOS 15, macOS Monterey, and watchOS 8 operating systems later this year. Apple announced iCloud+, which brings several new features on top of iCloud, including a new private browsing service named Private Relay.

Apple previewed new privacy protections in iOS 15, iPadOS 15, macOS Monterey, and watchOS 8, which help users better control and manage access to their data. With App Privacy Report, users can see how often each app has used the permission they've previously granted to access their location, photos, camera, microphone, and contacts during the past seven days.