Internet

Attackers can break out of the sandbox

Key - Icon Image

Older versions of iOS and macOS are affected by a security problem that allows, among other things, an attacker to break out of a sandbox. The problem is related to an interface for using system functions that Apple uses in iOS and macOS. Apple was informed of this bug some time ago.Older versions of iOS and macOS have a security problem that has not yet been resolved in these versions. It allows an attacker to give his malware rights that it shouldn’t have and to execute code with these rights in the further course. This also enables malware to break out of the sandbox, which under iOS and macOS is actually supposed to ensure that no app accesses data that does not concern it. The problem lies in an interface called XPC, which Apple uses in iOS and macOS to map certain system functions.

The problem has already been resolved in current versions of iOS and macOS

The current versions of iOS and macOS are not affected by this problem, explained the security researcher Zhipeng Huo, who documented the problem in detail. iOS 14 and macOS Big Sur are safe. IOS 13 is probably no longer susceptible from version 13.5. However, Apple has not fixed this bug in the various versions of iOS 12, and worse: Apparently macOS 10.15 – currently still in use – and its predecessor macOS 10.14 are not protected against this risk.

It is not known if and when Apple would like to plug the hole in the affected versions. Apple was informed of the problem last year.

Source link

Most Popular

To Top
India and Pakistan’s steroid-soaked rhetoric over Kashmir will come back to haunt them both clenbuterol australia bossier man pleads guilty for leadership role in anabolic steriod distribution conspiracy