Security News

Apple's trademark tight lips extend to new iPhone, iPad zero-days
2024-03-06 17:01

Apple's latest security patches address four vulnerabilities affecting iOS and iPadOS, including two zero-days that intel suggests attackers have already exploited. Affecting RTKit, Apple's real-time operating system that runs on various devices like AirPods, Apple Watch, and more, its description closely mirrors that of CVE-2024-23225.

Apple security boss faces iPads-for-gun-permits bribery charge... again
2023-08-29 20:32

'We will continue fighting this case' global chief's lawyer tells us An appeals court has reversed a 2021 decision to drop a bribery charge against Apple's head of global security, who is accused...

Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs
2023-07-25 03:36

Apple has rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address several security vulnerabilities, including one actively exploited zero-day bug in the wild. "Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1," the tech giant noted in its advisory.

Urgent! Apple fixes critical zero-day hole in iPhones, iPads and Macs
2023-07-11 20:12

The second-ever Apple Rapid Security Response just came out. The last point above is surprisingly important, given that Apple absolutely will not allow you to uninstall full-on system updates to your iPhones or iPads, even if you find that they cause genuine trouble and you wish you hadn't applied them in the first place.

New zero-click threat targets iPhones and iPads
2023-06-07 18:57

The Moscow-based cybersecurity company Kaspersky says iOS devices are being targeted by a previously unknown malware. The attack begins when the targeted iOS device receives a message via the iMessage service.

Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads
2023-04-10 20:20

Simply put, there were zero days during which even the most proactive and cybersecurity conscious users amongst us could have been patched in advance of the crooks. Just to be clear: the Apple Safari browser uses WebKit for "Processing web content" on all Apple devices, although third-party browsers such as Firefox, Edge and Chromium don't use WebKit on Mac.

Apple fixes recently disclosed zero-days on older iPhones and iPads
2023-04-10 20:16

Apple has released emergency updates to backport security patches released on Friday, addressing two actively exploited zero-day flaws also affecting older iPhones, iPads, and Macs. The second zero-day is a WebKit use after free that can let threat actors execute malicious code on compromised iPhones, Macs, or iPads after tricking their targets into loading malicious web pages.

Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529)
2023-03-28 11:23

Apple has released security updates for - pardon the pop-culture reference - everyhing everywhere all at once, and has fixed the WebKit vulnerability exploited in the wild for users of older iPhones and iPads. The presently most important fix among those delivered is the one for CVE-2023-23529, a type confusion issue in the WebKit browser engine, which can be triggered by maliciously crafted web content and ultimately allow code execution.

Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices
2023-02-22 12:56

Apple has revised the security advisories it released last month to include three new vulnerabilities impacting iOS, iPadOS, and macOS. The first flaw is a race condition in the Crash Reporter component that could enable a malicious actor to read arbitrary files as root. "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges," Apple said, adding it patched the issues with "Improved memory handling."

Apple patches actively exploited iPhone, iPad kernel vulns
2022-10-31 07:32

In brief Apple has patched an iOS and iPad OS vulnerability that's already been exploited. Apple issued patches for iOS 16.1 and iPad OS 16, to address this and 19 other vulnerabilities.