Rechercher dans ce blog

Friday, November 6, 2020

iOS 14.2: Apple Just Gave iPhone Users 24 Security Reasons To Update Now - Forbes

ios.indah.link

Apple has just released iOS 14.2, along with some cool updates to the operating system. But it also comes with a hefty list of 24 security fixes. Some of these issues are serious and are apparently already being exploited, so it’s recommended that you update your iPhone as soon as possible. 

So, what’s been fixed?

Among the biggest security issues fixed in iOS 14.2 are three vulnerabilities that Google’s Project Zero ethical hackers claim are already being exploited. 

The first is CVE-2020-27930—an issue in FontParser which could allow attackers to run code remotely. Apple says it is “is aware of reports that an exploit for this issue exists in the wild.”

Recommended For You

This means that attackers are allegedly using this vulnerability to successfully attack Apple users.

Another issue in the Kernel, CVE-2020-27950 means a malicious application could disclose kernel memory. Again, Apple says it’s aware of reports this issue is being exploited. At the same time, another Kernel issue fixed in iOS 14.2 dubbed CVE-2020-27932 could allow a malicious app to execute code with Kernel privileges—an issue that Apple is aware is reportedly being exploited. 

Why you should apply the iOS 14.2 security update now 

So how concerned should you be? It’s not known how actively these vulnerabilities are being exploited and whether they are targeted at specific individuals or the wider iPhone user base. After all, it wouldn’t be sensible to share more details until everyone has updated their iPhones and iPads to iOS 14.2.

Sean Wright, SME application security lead at Immersive Labs says the FontParser vulnerability is “worrying.” However, he says: “There are few details to go off so it is unclear just how much of a risk this may pose.”

As for the kernel vulnerability, Wright says: “It is unclear how freely available this is, but this is perhaps the most worrying. The ability to read data and being able to execute code within the kernel is as bad as it gets, given that the kernel is essentially the heart of the operating system. But it appears the user needs to install a malicious application in order to for this exploit to be able to be run.”

So there you have it—don’t panic but do make sure you update your iPhone to iOS 14.2 as soon as you can. In addition, only install apps via the Apple App store to avoid being caught out by malicious applications. 

Apple’s iOS 14 comes with a bunch of cool new features, including the ability to see if an app is using your mic or camera without your knowledge. But updating your phone isn’t just for features—security fixes are an integral part of keeping your iPhone and data safe.

The Link Lonk


November 06, 2020 at 04:56PM
https://ift.tt/2TVTbC6

iOS 14.2: Apple Just Gave iPhone Users 24 Security Reasons To Update Now - Forbes

https://ift.tt/2ZaIe2Q
iOS

No comments:

Post a Comment

Featured Post

Microsoft’s xCloud game streaming is now widely available on iOS and PC - The Verge

ios.indah.link Microsoft’s xCloud, the cloud game streaming component of Xbox Game Pass Ultimate that doesn’t require a console to use, is ...

Popular Posts