> >

Three Major Vulnerabilities in iOS

Apple recently released security patches for 3 major vulnerabilities found in iOS. These vulnerabilities were reported to Apple by Google's Project Zero security team.

Threat Level

MEDIUM

Software Affected

  • iPhone 5S and later, iPod touch 6th & 7th gen, iPad Air, iPad mini 2 and later, Apple Watch Series 1 and later

 

Description

According to the Apple security advisory below are 3 major security flaws,

  • CVE-2020-27930: A memory corruption issue in the FontParser library that allows for remote code execution when processing a maliciously crafted font.
  • CVE-2020-27932: A memory initialization issue that allows a malicious application to execute arbitrary code with kernel privileges.
  • CVE-2020-27950: A type of confusion issue that makes it possible for a malicious application to disclose kernel memory.

Impact

  • Exposing private information to unauthorized parties
  • Unauthorized access
  • Malware infections

Solution/ Workarounds

  • Update to the latest iOS versions (Fixes are available for the iOS versions iOS 12.4.9 and 14.2, iPadOS 14.2, watchOS 5.3.9, 6.2.9, and 7.1, and as a supplemental update for macOS Catalina 10.15.7)

Reference

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Source: Sri Lanka CERT - https://www.cert.gov.lk

Rate this item
(0 votes)

Leave a comment

Please do not enter any marketing or illegal statements | කරුණාකර අලෙවිකරණ හෝ නීති විරෝධී ප්‍රකාශන ඇතුළත් නොකරන්න.

More in this category:

Subscribe to Weekly Email Newsletter




Joomla Extensions powered by Joobi

Articles Archive

Articles Calendar

« January 2021 »
Mon Tue Wed Thu Fri Sat Sun
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
007821585
Today
Yesterday
This Week
Last Week
This Month
Last Month
All days
32317
68711
399021
6622051
749432
651269
7821585
Your IP: 18.204.42.98
2021-01-16 11:25

Video Of The Day

Go to top