Begin typing your search...

    Apple fixes 2 zero-day bugs exploited to hack iPhones, Macs

    The first security flaw is an IOSurfaceAccelerator that could lead to the corruption of data, a crash, or code execution.

    Apple fixes 2 zero-day bugs exploited to hack iPhones, Macs
    X
    Representative Image

    SAN FRANCISCO: Apple has fixed two new zero-day security vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads, in its latest software update.

    According to BleepingComputer, the two zero-day security vulnerabilities were addressed in iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1, and Safari 16.4.1 with improved input validation and memory management.

    The first security flaw is an IOSurfaceAccelerator that could lead to the corruption of data, a crash, or code execution.

    Successful exploitation enables attackers to execute arbitrary code with kernel privileges on targeted devices by using a maliciously crafted app, said the report.

    The second zero-day vulnerability is a WebKit that allows data corruption or arbitrary code execution when freed memory is reused.

    An attacker can exploit this flaw by tricking targets into loading malicious web pages under their control, resulting in code execution on compromised systems.

    Meanwhile, researchers have tracked 55 zero-day vulnerabilities that were exploited in 2022 by the hackers, mostly targeting Microsoft, Google and Apple products.

    According to information security company Mandiant report, products of Microsoft, Google and Apple made up the majority of zero-day vulnerabilities in 2022, consistent with the previous years, and the most exploited product types were operating systems (19), followed by browsers (11), security, IT, and network management products (10), and mobile OS (six).

    Visit news.dtnext.in to explore our interactive epaper!

    Download the DT Next app for more exciting features!

    Click here for iOS

    Click here for Android

    IANS
    Next Story