Three Major Vulnerabilities in iOS

Apple recently released security patches for 3 major vulnerabilities found in iOS. These vulnerabilities were reported to Apple by Google's Project Zero security team.

Threat Level

MEDIUM

Software Affected

  • iPhone 5S and later, iPod touch 6th & 7th gen, iPad Air, iPad mini 2 and later, Apple Watch Series 1 and later

 

Description

According to the Apple security advisory below are 3 major security flaws,

  • CVE-2020-27930: A memory corruption issue in the FontParser library that allows for remote code execution when processing a maliciously crafted font.
  • CVE-2020-27932: A memory initialization issue that allows a malicious application to execute arbitrary code with kernel privileges.
  • CVE-2020-27950: A type of confusion issue that makes it possible for a malicious application to disclose kernel memory.

Impact

  • Exposing private information to unauthorized parties
  • Unauthorized access
  • Malware infections

Solution/ Workarounds

  • Update to the latest iOS versions (Fixes are available for the iOS versions iOS 12.4.9 and 14.2, iPadOS 14.2, watchOS 5.3.9, 6.2.9, and 7.1, and as a supplemental update for macOS Catalina 10.15.7)

Reference

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Source: Sri Lanka CERT - https://www.cert.gov.lk

Rate this item
(0 votes)

Leave a comment

Please do not enter any marketing or illegal statements | කරුණාකර අලෙවිකරණ හෝ නීති විරෝධී ප්‍රකාශන ඇතුළත් නොකරන්න.

15 comments

More in this category:

Video Of The Day | දවසේ වීඩියෝව

Subscribe to Weekly Email Newsletter




Joomla Extensions powered by Joobi

Articles Archive

Articles Calendar

« December 2021 »
Mon Tue Wed Thu Fri Sat Sun
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    
032028156
Today
Yesterday
This Week
Last Week
This Month
Last Month
All days
6111
53388
116288
31178696
268329
1148542
32028156
Your IP: 175.204.93.153
2021-12-07 05:27
Go to top