![]() ![]() The second vulnerability - CVE-2023-28206 (threat level “high” ) - was discovered in the IOSurfaceAccelerator object. The essence of this vulnerability is that, using a specially made malicious page, the bad guys can execute arbitrary code on a device. ![]() The first one - named CVE-2023-28205 (threat level: “high” ) - concerns the WebKit engine, which is the basis of the Safari browser (and not only that more details below). In total, two vulnerabilities were discovered. But let’s take it step by step… Vulnerabilities in WebKit and IOSurfaceAccelerator The vulnerabilities are so critical that, to combat them, Apple rapidly released updates not only for the latest operating systems, but also for several previous versions. No sooner had we written about vulnerabilities in both Apple and Microsoft operating systems, as well as in Samsung Exynos chips, allowing the hacking of smartphones without any action on the part of their owner, than news broke about a couple of very serious security holes in both iOS and macOS - besides the ones that attackers were already exploiting. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |