Apple Issues Patch for Remote Hacking Bug Affecting Billions of its Devices - Hexafusion Blog | Hexafusion
  • Contact Us At

    Vancouver: 604-757-2010

         Toronto: 416-236-6300

  • E-Mail Us @

     

Hexafusion Blog

Apple Issues Patch for Remote Hacking Bug Affecting Billions of its Devices

Apple-security-updat_20210310-030137_1

Apple has released out-of-band patches for iOS, macOS, watchOS, and Safari web browser to address a security flaw that could allow attackers to run arbitrary code on devices via malicious web content.

Tracked as CVE-2021-1844, the vulnerability was discovered and reported to the company by Clément Lecigne of Google's Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research.

According to the update notes posted by Apple, the flaw stems from a memory corruption issue that could lead to arbitrary code execution when processing specially crafted web content. The company said the problem was addressed with "improved validation."

The update is available for devices running iOS 14.4, iPadOS 14.4macOS Big Sur, and watchOS 7.3.1 (Apple Watch Series 3 and later), and as an update to Safari for MacBooks running macOS Catalina and macOS Mojave.

Apple security update

The latest development comes on the heels of a patch for three zero-day vulnerabilities (CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871) that was released in January. The weaknesses, which allow an attacker to elevate privileges and achieve remote code execution, were later exploited by the team behind the "unc0ver" jailbreak tool to unlock almost every single iPhone model running 14.3.

It's worth noting that Huffman was also behind the discovery of an actively exploited zero-day bug in the Chrome browser that was addressed by Google last week. But unlike the Chrome security flaw, there is no evidence that CVE-2021-1844 is being exploited by malicious hackers.

Users of Apple devices or those running a vulnerable version of Chrome are advised to install the updates as soon as possible to mitigate the risk associated with the flaws.

News source: https://thehackernews.com/2021/03/apple-issues-patch-for-remote-hacking.html

Microsoft Issues Security Patches for 89 Flaws — I...
CISA Strongly Urges All Organizations to Immediate...

By accepting you will be accessing a service provided by a third-party external to https://hexafusion.com/

Customer Login

Contact us

Learn more about what Hexafusion can do for your business.

Vancouver:  604-757-2010
Toronto:  416-236-6300
 

Hexafusion
250 - 997 Seymour Street
Vancouver, British Columbia V6B 3M1