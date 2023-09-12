逸耘居

揭开新技术和人工智能的力量

技术

Apple Releases Security Updates to Fix Zero-Day Vulnerability in Older iPhones

By加布里埃尔博塔

12 年 2023 月 XNUMX 日
Apple Releases Security Updates to Fix Zero-Day Vulnerability in Older iPhones

Apple has issued security updates for older iPhone models in order to address a recently discovered zero-day vulnerability. Tracked as CVE-2023-41064, this vulnerability was actively exploited to infect iOS devices with the Pegasus spyware developed by NSO Group.

The zero-day vulnerability, CVE-2023-41064, is a remote code execution flaw that is exploited by sending maliciously crafted images through iMessage. Citizen Lab, a security research group, revealed earlier this month that this vulnerability, along with another flaw known as CVE-2023-41061, were part of a zero-click attack chain called BLASTPASS. In this attack, specially crafted images were sent via iMessage PassKit attachments to install spyware on targeted devices.

Even fully patched iOS devices running version 16.6 were susceptible to this attack. In response, Apple released macOS Ventura 13.5.2, iOS 16.6.1, iPadOS 16.6.1, and watchOS 9.6.2 as security updates to fix these vulnerabilities. The Cybersecurity and Infrastructure Security Agency (CISA) also issued an alert requiring federal agencies to apply the patches by October 2, 2023.

To further protect devices, Apple has backported the security updates to older software versions. iOS 15.7.9 and iPadOS 15.7.9, macOS Monterey 12.6.9, and macOS Big Sur 11.7.10 now include the necessary fixes.

It should be noted that support for iOS 15 ended in September 2022, while Monterey and Big Sur are still supported by Apple. The security updates cover a range of older iPhone models, including iPhone 6s, iPhone 7, first-generation iPhone SE, iPad Air 2, fourth-generation iPad mini, and seventh-generation iPod touch.

While no attacks on macOS computers have been observed thus far, it is still strongly recommended to apply the security updates on these devices as well. Apple has been working diligently throughout the year to fix various zero-day vulnerabilities across its platforms, with a total of 13 vulnerabilities being patched so far.

来源：
– [源文章标题](source-url)
– [源文章标题](source-url)

By 加布里埃尔博塔

相关帖子

技术

日本将开发甲烷燃料火箭发动机 2030 年发射

16 年 2023 月 XNUMX 日 罗伯特·安德鲁
技术

Discover Samsung 促销：仅需 1 美元即可购买 Samsung SmartThings Station！

16 年 2023 月 XNUMX 日 曼波布雷西亚
技术

整理的艺术：放弃多余的东西

16 年 2023 月 XNUMX 日 加布里埃尔博塔

你错过了

科学

椎骨的起源及其在肿瘤转移中的作用

17 年 2023 月 XNUMX 日 罗伯特·安德鲁 0条评论
科学

使用 eDNA 了解整个人群的基因组成

17 年 2023 月 XNUMX 日 加布里埃尔博塔 0条评论
科学

美国宇航局宇航员和宇航员安全抵达国际空间站

17 年 2023 月 XNUMX 日 曼波布雷西亚 0条评论
科学

新的月球竞赛：建立月球经济

17 年 2023 月 XNUMX 日 薇琪斯塔夫罗普卢 0条评论