viralamo

Menu
  • Technology
  • Science
  • Money
  • Culturs
  • Trending
  • Video

Subscribe To Our Website To Receive The Last Stories

Join Us Now For Free
Home
Technology
Apple patches iOS against 3 actively exploited 0-days found by Google
Technology

Apple patches iOS against 3 actively exploited 0-days found by Google

05/11/2020

A young woman is using her smartphone

Apple has patched iOS against three zero-day vulnerabilities that attackers were actively exploiting in the wild. The attacks were discovered by Google’s Project Zero vulnerability research group, which over the past few weeks has detected four other zero-day exploits—three against Chrome and a third against Windows.

The security flaws affect iPhone 6s and later, seventh-generation iPod touches, iPad Air 2s and later, and iPad mini 4s and later. The flaws are:

  • CVE-2020-27930, a code-execution vulnerability that attackers can trigger using maliciously crafted fonts
  • CVE-2020-27950, which allows a malicious app to obtain the locations in kernel memory, and
  • CVE-2020-27932, a bug that allows code to run with highly privileged system rights.

Apple has fixed the zero-days and other vulnerabilities with the release of iOS 14.2 earlier. Apple patched the same vulnerabilities in the Supplementary Update for macOS Catalina 10.15.7. Project Zero leader Ben Hawkes provided his own bare-bones disclosure here.

The disclosure marks the fifth, sixth, and seventh zero-days Project Zero has reported since October 20. CVE-2020-15999, CVE-2020-16009, and CVE-2020-16010 affected Chrome desktop or Chrome for Android. Meanwhile, Project Zero also discovered CVE-2020-117087, a Windows 10 and Windows 7 flaw that allows attackers to escalate system privileges. Hackers had been combining CVE-2020-15999 with CVE-2020-117087. The first one gained limited code execution, and the second ran it with elevated system privileges.

Advertisement

Google has provided no details about the attacks other than they’re targeted (meaning they go after specific individuals of interest) and they’re not related to the November elections. Patches are available for all vulnerabilities other than the Windows one, which is expected to be fixed on Tuesday. While few if any readers were likely targeted with the iOS exploits, people should install Thursday’s release of 14.2 as soon as is practical.

Source link

Share
Tweet
Pinterest
Linkedin
Stumble
Google+
Email
Prev Article
Next Article

Related Articles

Amazon researchers use NLP data set to improve Alexa’s answers
What do Google Assistant, Siri, Alexa, and Cortana have in …

Amazon researchers use AI to improve Alexa’s joke selection

4 ways VCs need to change their approach to consumer companies
I have invested in over a dozen consumer businesses either …

4 ways VCs need to change their approach to consumer companies

Leave a Reply Cancel reply

Find us on Facebook

Related Posts

  • This Week in Apps: Apple Arcade updates, TikTok distances itself from China, Kardashians send shady app to No. 1 – TechCrunch
    This Week in Apps: Apple Arcade updates, …
    01/12/2019
  • Hot Wheels id teaches kids coding and augmented reality with Swift Playground
    Hot Wheels id teaches kids coding and …
    16/12/2019
  • Fast & Furious: Crossroads lives video games a quarter-mile at a time
    Ancestry.com rejected a police warrant to access …
    04/02/2020
  • Comcast resists call to open home Wi-Fi hotspots, cites potential congestion
    Comcast resists call to open home Wi-Fi …
    07/05/2020
  • Fast & Furious: Crossroads lives video games a quarter-mile at a time
    With the development of generalized AI, what’s …
    16/02/2020

Popular Posts

  • SolarWinds hack that breached gov networks poses a “grave risk” to the nation
    Code-execution flaw in VMware has a severity …
    25/02/2021 0
  • Top 10 Unsettling Facts About The Death …
    28/01/2021 0
  • Top 10 Books That Will Change Your …
    28/01/2021 0
  • 10 Notable People Who Foresaw Their Own …
    29/01/2021 0
  • Top 10 Things You Probably Never Knew …
    29/01/2021 0

viralamo

Pages

  • Contact Us
  • Privacy Policy
Copyright © 2021 viralamo
Theme by MyThemeShop.com

Ad Blocker Detected

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

Refresh