Read Time:2 Minute, 3 Second
Apple has released its Safari 15.6.1, which fixes a zero-day exploit discovered last week. The vulnerability allowed hackers to execute code remotely on iPhones and iPads.
“Mobile devices have increasingly become a target for hostile actors worldwide, through hardware exploits, application errors, malware, or exposed databases,” Richard Melick, Director at Zimperium, said in his statement to Infosecurity Magazine.
Hackers might gain “full admin access” to the iPhone due to a security weakness. Web browser security flaws are continually being found, and Apple has just patched a Safari exploit that was being utilized in the wild.
“Security weaknesses would enable hackers to pretend to be the device’s owner and then execute any software in their name,” Rachel Tobac, CEO of SocialProof Security, explained.
This week, Apple published Safari 15.6.1, which contains a remedy for the CVE-2022-32893 security flaw. Using an out-of-bounds write flaw in Safari’s WebKit rendering engine, the bug allowed malicious web pages to run code on devices. According to Apple, a report suggesting what may have aggressively exploited this flaw has been made public.
In contrast to Chrome, Firefox, and most other web browsers, operating system upgrades are the primary method of disseminating new versions of Safari. Along with other security upgrades, Apple has released macOS Monterey 12.5.1, iOS 15.6.1, and iPadOS 15.6.1. These updates include a fix for Safari. Older versions of macOS, including Big Sur and Catalina, are also receiving security patches.
An update is now available for Apple products. Whenever Apple users have free time, they should update their Mac, iPhone, and/or iPad. Despite using other apps for web browsings, such as Firefox or Chrome, iPhones and iPads render all web pages using the WebKit engine. The risk is more negligible for Mac users who use third-party browsers, but Safari is still used in all macOS for login pages and other embedded online content.
“CVE-2022-32893 exploit is in WebKit, which is a part of Apple’s browser engine and primarily resides in Safari. This vulnerability can lead to the execution of arbitrary code. According to Apple, this could be exploited by remotely visiting a malicious website,” U.S. Health Sector Cybersecurity Coordination Center reported.
Thus, Apple continues to strive harder to make its products hackers-free. In correlation with this, continue to be vigilant on your part. Check the new update today to secure your gadgets.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
