Apple Fixes Zero-Day Exploits with Release of iOS 12.1.4

cageymaru

Fully [H]
Joined
Apr 10, 2003
Messages
19,817
Apple has released iOS 12.1.4 and it fixes two zero-day exploits that had been abused by hackers. According to Google Project Zero team lead, Ben Hawkes, "CVE-2019-7286 and CVE-2019-7287 were exploited in the wild as 0day." CVE-2019-7286 allowed hackers to gain elevated privileges by using a malicious app to exploit a memory corruption bug. CVE-2019-7287 allowed a malicious app to exploit a memory corruption bug to execute arbitrary code with kernel privileges. Apple credited multiple Google members for reporting the exploits.

iPhone users are advised to update their devices to iOS 12.1.4 as soon as possible. This release also fixes the infamous FaceTime bug that allowed users to eavesdrop on others using group FaceTime calls.
 

WBurchnall

2[H]4U
Joined
Oct 10, 2009
Messages
2,620
Ah, how nice of Google to work to fix their competitors broken software. Not everyday you see that kind of cooperation.
 

Nolan7689

[H]ard|Gawd
Joined
Jun 5, 2015
Messages
1,525
Ah, how nice of Google to work to fix their competitors broken software. Not everyday you see that kind of cooperation.
Take your rhetoric somewhere else. No software is written perfectly, and bugs and exploits are found by all sorts of people regardless of their current careers or the software they’re looking at.
 

trparky

Gawd
Joined
Jul 23, 2009
Messages
971
Take your rhetoric somewhere else. No software is written perfectly, and bugs and exploits are found by all sorts of people regardless of their current careers or the software they’re looking at.
Exactly. Meanwhile Android has this humdinger of an exploit. You don't even need to load an app, just visit a web site and... p0wned. Luckily if you have a newer version of Android you're safe.
 
Top