This capability, once again, allows a malicious party to remotely run bad code on the target device for goals like stealing sensitive data. The second vulnerability, which is labeled CVE-2023-28205 and affects the WebKit engine that handles Apple’s web browser, could also allow remote code execution. The former, which was flagged by a cybersecurity expert affiliated with Amnesty International, grants kernel privilege to a bad actor. Labeled CVE-2023-28206 and CVE-2023-28205, these security flaws have been patched with the latest updates. In a nutshell, when Apple publicly announces a security flaw, and it comes with a “Critical Vulnerability” badge, you should grab the fix as soon as Apple makes them available. In its official release note, Apple says the updates patch two security flaws that “may have been actively exploited.” Now, Apple doesn’t disclose security issues before conducting thorough research, both in-house and in collaboration with cybersecurity experts. The updates - iOS 16.4.1 and iPadOS 16.4.1 - started rolling out on Friday, but you should install them on your iPhone and iPad as soon as possible to protect your devices from attacks. Fitbit Versa 3Īpple has released software updates for iPhones and iPads that are light on features, but they are critically important from a security perspective.
0 kommentar(er)
