Or... run Linux on open source hardware. Quit being the product.
Pine Phone 64
Posted on 05/05/2021 11:15:11 AM PDT by Red Badger
One week after Apple carried out its largest iOS and iPad update since September 2020's version 14.0 release, the company has followed up with a new patch for two zero-day vulnerabilities that let hackers execute malicious code on fully updated devices. Additionally, the new release of 14.5.1 also mitigates issues with a bug in the recent App Tracking Transparency feature included in the previous version.
Both of these vulnerabilities are located in the browser engine Webkit, which provides web content for App Store, Mail and Safari as well as other various apps running on iOS, Linux and macOS. Apple described this attack as the processing of maliciously crafted web content resulting in arbitrary code execution. As of now, these two zero-days have been patched.
So far, Apple has issued a notice that these vulnerabilities may have already been exploited. The company has also announced that the second zero-day was discovered by Chinese security research firm Qihoo 360, whereas an anonymous source reported the first vulnerability. At this time, Apple has yet to offer details regarding who is carrying out the exploits or who faces a risk of exploitation.
Google's Project Zero vulnerability research team has assessed that these three new vulnerabilities make the total number of seven actively exploited Apple zero-days. In fact, out of 22 zero-days discovered in 2021 alone, nearly 33 percent have targeted Apple mobile OS. This makes iOS the software most targeted by zero-day after Chrome.
Since these vulnerabilities have been patched, Facebook has taken some issue due to the new security restrictions not allowing the Facebook app to track user activity across other installed applications without explicit user permission. Furthermore, another bug may cause graying out of the App Tracking Transparency toggle in the settings menu, even after users have updated to iOS 14.5.1.
Overall, Apple security and vulnerability research teams emphasize that these types of zero-days pose such a threat to both defenders and users due to the lack of knowledge surrounding their presence. After all, if hackers manage to execute evil code or access a privileged system before incident responders and researchers even realize the vulnerabilities in question exist, the attackers can steal a plethora of data, causing potentially immeasurable damage.
Alongside patches for the discovered vulnerabilities, Apple has also confirmed a patch for the App Tracking Transparency feature bug. This fix will enable users to once again opt out of ad tracking on their Apple devices.
Explore further
Apple urges security upgrade to iPhones, iPads
More information:
support.apple.com/en-us/HT212336 support.apple.com/en-us/HT212335 support.apple.com/en-us/HT212339
UPDATE: taking out old bugs and putting in new ones................
Pingy!................
Thank you Sir... :)
Fake news. Apple devices are bullet proof and can’t ever be compromised.
/sarc
Only if you never turn it on......................
:)
Tell that to FR’s biggest Apple pimp Swordmaker.
Don’t be a jerk to a guy who runs a useful ping list. I suppose you use a flip phone?
Winner!
I begrudgingly use an Apple iPhone. Prefer windws and Samsung. Apple sucks. PERIOD!
Gave up winders decades ago.
Android OS sucks worse than Apple. So there. It’s either one of those, or a flip phone. Enjoy the suck.
Android OS isn’t worse than IOS. Give me your reasons why you think so? With IOS you can’t delete app cache and data and then it becomes a bloated pig. The most bloated are browser apps, FB, Youtube etc. When I went from my Samsung S5 to iPhone 11 Pro there was a good 3 months I was cursing the phone because of stupid limitations that weren’t allowed with the Apple. Like retarded things. With battery saver on I can’t disable the 30 second screen timeout limitation. BS like that is infuriating. With Android I’d be able to make changes in developer options, good luck with that in Apple. Having an Apple feels like living in the nanny state dictating to you what you can and cannot do. Android feels like living in America decades ago before the big brother government control we live under now.
Because Apple has at least some morals when it comes to protection of user data, identity, and privacy, while Google/Android have none whatsoever, that is why.
BS I have more random spam and phising type calls o nce I switched to iphone 11 Pro even with the same number. It was almost within the first month I was getting 10-20 spam type calls per week. With Android I was rarely getting them maybe 2-3 per month. Nice try dude, but that’s a big fail. Any other reason that’s actually based on truth?
Another reason I preferred my Samsung was I was able to tether my phone’s internet connection to my laptop with no limitations. I haven’t been able to do this with Apple, and have to use Hotspot data that runs out after 15GB. When I was on Sprint with my Samsung I was using 40-70GB a month with no speed restrictions. Now on Apple if I go over 15GB speed is dropped to 128kb/s.
Data speeds and quantities are a function of your deal with the carrier, and are device independent.
Have a nice day.
Nice how you gloss over the actual problems of the IOS I posted and just try to point out a trivial fact about carrier data speeds that is skirting the issue. You can’t tether Iphones. Samsung phones you can. I’m guessing you’re one of the iPhone cultists. Here I am with an iPhone and I can call out any of the BS issues they have. I just saw a new update to 14.5 and I quote, “iOS 14.5 includes the option to unlock iPhone with Apple Watch while wearing a face mask”. Are you freaking kidding me? Apple down with the Fauxci mask police too now it seems. Unf’king believable.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.