Eric Stylemans’ Post

Apple has released a significant security update for its operating systems, including macOS, iOS, iPadOS, watchOS, tvOS, and visionOS, addressing 90 vulnerabilities. The update, issued on October 29, 2024, includes critical patches that prevent potential attacks, such as unauthorised access to contacts and sensitive location data via the Find My service. The visionOS update fixes over 25 security flaws, enhancing overall system protection. Users are encouraged to keep their software up to date to maintain security. Read more in this article: https://heyor.ca/DUvLuM #InfosecurityMagazine #AppleSecurity #MacOS #iOS

iTunes has an arbitrary code execution vulnerability, potentially enabling attackers to execute malicious code. Apple has issued a security advisory to address this. The company stated it won’t discuss or confirm security issues until investigations are complete and patches are available. iTunes for Windows Vulnerability The vulnerability, tracked as CVE-2024-27793, is currently unclassified in severity. It affects Windows versions of iTunes prior to 12.13.1, potentially enabling the parsing of a malicious file, leading to unexpected code execution or program termination on affected devices. Apple has implemented “improving checks” before parsing malicious files to resolve this issue, reported by Willy R. Vasquez from the University of Texas at Austin. To Continue reading this article, click on this link >>> https://lnkd.in/dFc76tRa #iTunes #arbitrarycode #vulnerability #attackers #malicious #apple #securityissues #patch #windows #cyberattack #cybersecurity #fhn #firsthackersnews #informationsecurity #latestupdates

iTunes has an arbitrary code execution vulnerability, potentially enabling attackers to execute malicious code. Apple has issued a security advisory to address this. The company stated it won’t discuss or confirm security issues until investigations are complete and patches are available. iTunes for Windows Vulnerability The vulnerability, tracked as CVE-2024-27793, is currently unclassified in severity. It affects Windows versions of iTunes prior to 12.13.1, potentially enabling the parsing of a malicious file, leading to unexpected code execution or program termination on affected devices. Apple has implemented “improving checks” before parsing malicious files to resolve this issue, reported by Willy R. Vasquez from the University of Texas at Austin. To Continue reading this article, click on this link >>> https://lnkd.in/erDywc6D #iTunes #arbitrarycode #vulnerability #attackers #malicious #apple #securityissues #patch #windows #cyberattack #cybersecurity #fhn #firsthackersnews #informationsecurity #latestupdates

iTunes has an arbitrary code execution vulnerability, potentially enabling attackers to execute malicious code. Apple has issued a security advisory to address this. The company stated it won’t discuss or confirm security issues until investigations are complete and patches are available. iTunes for Windows Vulnerability The vulnerability, tracked as CVE-2024-27793, is currently unclassified in severity. It affects Windows versions of iTunes prior to 12.13.1, potentially enabling the parsing of a malicious file, leading to unexpected code execution or program termination on affected devices. Apple has implemented “improving checks” before parsing malicious files to resolve this issue, reported by Willy R. Vasquez from the University of Texas at Austin. To Continue reading this article, click on this link >>> https://lnkd.in/e-_UdhAU #iTunes #arbitrarycode #vulnerability #attackers #malicious #apple #securityissues #patch #windows #cyberattack #cybersecurity #fhn #firsthackersnews #informationsecurity #latestupdates

Apple has released critical security updates for iOS, iPadOS, macOS, and other platforms to address actively exploited vulnerabilities. Users are strongly advised to update their devices promptly. Summary: In November 2024, Apple issued emergency security patches for multiple operating systems, including iOS 18.1.1, iPadOS 18.1.1, macOS Sequoia 15.1.1, Safari 18.1.1, and visionOS 2.1.1. These updates address two significant vulnerabilities: CVE-2024-44308: A flaw in JavaScriptCore that could allow arbitrary code execution through malicious web content. CVE-2024-44309: A WebKit vulnerability enabling cross-site scripting attacks via crafted web content. Both vulnerabilities have been actively exploited, particularly on Intel-based Mac systems. Apple has not disclosed specific details about the threat actors involved. The vulnerabilities were identified by Google's Threat Analysis Group. https://lnkd.in/gZJmrrqz

Attention Apple Users !! A critical vulnerability, CVE-2024-23204, affects Apple's Shortcuts app, which allows attackers to access sensitive data across macOS and iOS devices without user permission is out. This flaw bypasses Apple's security framework, enabling silent data theft. Bitdefender researchers demonstrated a proof-of-concept exploit, highlighting the risk of inadvertent dissemination of malicious shortcuts. The bug affects devices running versions preceding macOS Sonoma 14.3, iOS 17.3, and iPadOS 17.3, with a high severity rating on the CVSS. Apple has released patches, urging users to update their software. #vulnerability #apple #security #cyberawareness https://lnkd.in/e3XdQdAU

"Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability Details have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that could permit a shortcut to access sensitive information on the device without users' consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and watchOS 10.3." #vulnerability #cve #apple #cybersecurity

Apple has released security patches for iOS 18, addressing at least 33 security vulnerabilities. Key issues include a serious Control Center bug that could let apps record the screen unnoticed, a Core Bluetooth flaw allowing malicious devices to bypass pairing, and a kernel vulnerability leaking network traffic outside VPNs. Additionally, a WiFi issue allows attackers to disconnect devices from secure networks, along with multiple vulnerabilities in Safari’s Private Browsing and sandbox features. These updates aim to enhance security and protect users from potential exploits. #cybersecurity https://lnkd.in/ggsvZGCB

#Apple recently patched #two #zeroday vulnerabilities that were being exploited in attacks on Intel-based Macs and other devices. The issues, affecting the #Kernel and #WebKit frameworks, allowed attackers to gain control by executing malicious code. Users are urged to update their devices immediately to the latest versions of macOS and iOS to protect against these security flaws. This years Zero-day counter is on 18 this year. https://lnkd.in/eHct2n3s

iOS Vulnerability - Cert-In says the flaws in Safari web browser versions before version 17.4.1, iOS and iPadOS versions before version 17.4.1 could allow attackers to “execute arbitrary code” on targeted devices- This is the second time within a month that the Cert-In has flagged flaws in the Apple iOS and iPadOS ecosystem- https://lnkd.in/dGBDMq_m #iOS #vulnerability #cybersecurity