The update fixes a further three WebKit issues, as well as vulnerabilities in Safari, ImageIO, Apple Neural Engine and Accessibility. The iOS 16.7.5 update fixes eight security issues, one of which is the WebKit flaw tracked as CVE-2024-23222 also patched in iOS 17.3, which Apple said is already being used in attacks. First up is iOS 16.7.5, a security-only update for iPhone users whose devices can’t upgrade to iOS 17.3-the iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation. Other iPhone Updates Issued Alongside iOS 17.3Īpple has also issued other updates alongside iOS 17.3 for users of older iPhones. That’s because Apple no longer supports newer devices with iOS 16 security updates. Apple is aware of a report that this issue may have been exploited.ĭescription: A type confusion issue was addressed with improved checks.The security fixes alone make updating to iOS 17.3 a no-brainer, especially if you own a device that can run iOS 17. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Impact: Processing maliciously crafted web content may lead to arbitrary code executionĭescription: Multiple memory corruption issues were addressed with improved memory handling.ĬVE-2024-23214: Nan Wang of 360 Vulnerability Research Institute Impact: Processing web content may lead to arbitrary code executionĬVE-2024-23213: Wangtaiyu of Zhongfu info Impact: A maliciously crafted webpage may be able to fingerprint the userĭescription: An access issue was addressed with improved access restrictions. Impact: An app may be able to view a user's phone number in system logsĬVE-2024-23210: Noah Roskin-Frazee and Prof. Impact: An app may be able to access user-sensitive dataĭescription: An issue was addressed with improved handling of temporary files. Impact: An app may be able to bypass certain Privacy preferencesĭescription: A privacy issue was addressed with improved handling of temporary files.ĬVE-2024-23217: Kirin for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later Impact: A shortcut may be able to use sensitive data with certain actions without prompting the userĭescription: The issue was addressed with additional permissions checks.ĬVE-2024-23204: Jubaer Alnazi for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later Impact: A user's private browsing activity may be visible in Settingsĭescription: A privacy issue was addressed with improved handling of user preferences. Impact: Stolen Device Protection may be unexpectedly disabledĭescription: The issue was addressed with improved authentication.ĬVE-2024-23219: Peter Watthey and Christian Scalese (ZeroClicks.ai Lab), and Ian de Marcellusĭescription: A privacy issue was addressed with improved handling of files.ĬVE-2024-23223: Noah Roskin-Frazee and Prof. Impact: An app may be able to access sensitive user dataĭescription: This issue was addressed with improved redaction of sensitive information.ĬVE-2024-23207: Noah Roskin-Frazee and Prof. Impact: An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private keyĭescription: A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions.ĬVE-2024-23208: and lime From TIANGONG Team of Legendsec at QI-ANXIN Group Impact: An app may be able to execute arbitrary code with kernel privilegesĭescription: The issue was addressed with improved memory handling.ĬVE-2024-23212: Ye Zhang of Baidu SecurityĪvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later Available for devices with Apple Neural Engine: iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |