February 8, 2023
Articles CyberSecurity Technology

Apple issues Update for older Devices

Apple has fixes for a recently disclosed critical security flaw that is affecting older devices which is reciting evidence of active exploitation.

The issue which is tracked as CVE-2022-42856 and is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code execution when processing maliciously crafted web content.

While it was originally addressed by the company on November 30, 2022 which is as part of iOS 16.1.2 update which was expanded to a set of Apple devices.
Apple is still aware of a report that issue may have been actively exploited against versions of iOS released before iOS 15.1.

The latest update, iOS 12.5.7, is available for new generation of iPhone series.

Threat Analysis Group (TAG) has credited with discovering vulnerability which is exact specifics surrounding exploitation attempts in wild are currently unknown.

Image source: die zeit

The update comeup as Apple released iOS 16.3, iPadOS 16.3, macOS Ventura 13.2, watchOS 9.3, and Safari 16.3 which led to remediate a long list of security flaws that is including two bugs in WebKit which lead to code execution.

macOS Ventura 13.2 plugs two denial-of-service vulnerabilities in ImageIO and Safari which is alongside three flaws in the Kernel that could be abused to leak sensitive information and determine memory layout and also execute rogue code with elevated privileges.

Its not all bug fixes. The updates also brings with the ability to use hardware security key to lock down Apple IDs for two-factor authentication. They expand availability of Advanced Data Protection .

Leave a Reply

Your email address will not be published. Required fields are marked *


Post a blog


Post a Quote