25 January 2023

Apple ships zero-day patch for older iPhones, iPads


Apple ships zero-day patch for older iPhones, iPads

Apple has issued security updates for macOS, iOS, iPadOS, and WatchOS, to address a zero-day vulnerability affecting older devices running iOS v12.

Trackers as CVE-2022-42856, the zero-day is type confusion issue in the WebKit web browser engine that allows a remote attacker to achieve remote code execution by tricking the victim into visiting a malicious website.

Apple did not share any additional information regarding attacks exploiting the above mentioned flaw, but said it is “aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.”

The security issue affects iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) devices.

Besides CVE-2022-42856, the iPhone maker fixed multiple high-risk vulnerabilities impacting its Safari browser, watchOS, iOS 16 and iPadOS 16, macOS Ventura, macOS Monterey, and macOS Big Sur.

Back to the list

Latest Posts

Russia-linked Nodaria APT adds new Graphiron infostealer to its toolkit

Russia-linked Nodaria APT adds new Graphiron infostealer to its toolkit

The new infostealer was observed in attacks targeting Ukrainian organizations.
8 February 2023
CISA releases tool to recover encrypted VMware ESXi servers

CISA releases tool to recover encrypted VMware ESXi servers

According to CISA’s list of bitcoin addresses, over 2,800 ESXi servers have been encrypted to date.
8 February 2023
Threat actors target Ukrainian government agencies with Remcos spyware

Threat actors target Ukrainian government agencies with Remcos spyware

The attack involves a phishing email ostensibly sent by Ukrtelecom, a major Ukrainian internet service provider.
8 February 2023