From: BigBadBob-at-mrp3-dot-com@testing.local
https://www.theregister.com/2021/09/13/apple_ios_macos_security_fixes/
"Apple on Monday issued security patches for its mobile and desktop
operating systems, and for its WebKit browser engine, to address two
security flaws, at least one of which was, it is said, used by
autocratic governments to spy on human rights advocates."
"One of the bugs, CVE-2021-30860, resides in Apple's CoreGraphics
framework. Reported by researchers at University of Toronto's Citizen
Lab, the bug consists of an integer overflow that allows a malicious PDF
file to achieve arbitrary code execution, allowing spyware and other
malicious programs to run."
OUTCH!!!! (spelled with a T on purpose)
"On August 24, 2021, researchers with the organization reported that the
iPhones of nine Bahraini activists had been hacked between June 2020 and
February 2021 using NSO Group’s Pegasus spyware and two zero-click
iMessage exploits."
"One was the KISMET exploit identified last year, which affected iOS
prior to version 14. The other more recently identified vulnerability is
called FORCEDENTRY by Citizen Lab and Megalodon by Amnesty
International's security group. The name FORCEDENTRY is a reference to
the exploit's ability to bypass a defense Apple implemented in iOS 14
called Blast Door that was supposed to safeguard iMessage traffic. The
messaging exploit is believed to have been in use since February 2021."
and with respect to iMessage exploits...
"The crashes arose when using CoreGraphics to decode JBIG2-encoded data
within a PDF file prepped to trigger the bug. When targeted activists
received these poisoned PDF files – which had a .gif file extension but
were in fact Adobe PDF files containing a JBIG2-encoded stream – no
further action was required to infect the victim's device with malicious
code: they simply had to receive the message. According to Citizen Lab,
the FORCEDENTRY exploit, when successful, installed NSO Group's Pegasus
spyware."
not inspiring confidence at the moment...
(yeah we should ALL know better than to trust file extensions with all
of the Windows viruses and trojans being spammed as e-mail attachments)
"The other bug patched by Apple, CVE-2021-30858, was reported by an
unidentified researcher. Dubbed "Synoptic Acanthopterygian" by Vulnonym,
it's a use-after-free vulnerability that allows malicious web content
processed by Apple's WebKit rendering engine – which Apple requires all
browsers on iOS to use – to execute arbitrary code."
I happen to LIKE WebKit for a few reasons. This exploit (possibly
actively being exploited) is also a bit disturbing.
According to the article, Google recently released some of its OWN
Chrome patches, for vulnerabilities that may be a lot like the WebKit ones.
[more in article and linked-to sites from the article]
--
(aka 'Bombastic Bob' in case you wondered)
'Feeling with my fingers, and thinking with my brain' - me
'your story is so touching, but it sounds just like a lie'
"Straighten up and fly right"
--- SoupGate-Win32 v1.05
* Origin: www.darkrealms.ca (1:229/2)
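
Added example (not part of the original post or the quoted article): a defensive attachment check for the mismatch described above, a file named .gif whose content is a PDF carrying a JBIG2-encoded stream. The function names and both sample byte strings are constructed for illustration.

```python
import re

# Leading-byte signatures for the two types involved in this case.
MAGIC = {"gif": (b"GIF87a", b"GIF89a"), "pdf": (b"%PDF-",)}

def sniff_type(data: bytes) -> str:
    """Return the type implied by the file's leading bytes, or 'unknown'."""
    for kind, sigs in MAGIC.items():
        if data.startswith(sigs):
            return kind
    # Some PDF readers accept a header that is not at offset 0.
    return "pdf" if b"%PDF-" in data[:1024] else "unknown"

def pdf_names(data: bytes) -> set:
    """Collect PDF name tokens, undoing #xx hex escapes (/JBIG#32Decode)."""
    unescape = lambda m: bytes([int(m.group(1), 16)])
    return {re.sub(rb"#([0-9A-Fa-f]{2})", unescape, n).decode("latin-1")
            for n in re.findall(rb"/([A-Za-z0-9#]+)", data)}

def triage(filename: str, data: bytes) -> list:
    """Flag extension/content mismatches and JBIG2 streams in PDFs.

    A raw byte scan cannot see filters declared inside compressed object
    streams, so an empty result is not proof that a file is clean.
    """
    findings = []
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    actual = sniff_type(data)
    if ext in MAGIC and actual != ext:
        findings.append(f"extension .{ext} but content is {actual}")
    if actual == "pdf" and "JBIG2Decode" in pdf_names(data):
        findings.append("PDF stream uses JBIG2Decode")
    return findings

# Constructed samples (harmless, not real attachments).
SAMPLE_GIF = b"GIF89a\x01\x00\x01\x00\x00\x00\x00;"
SAMPLE_DISGUISED = (b"%PDF-1.4\n1 0 obj\n<< /Length 4 /Filter /JBIG#32Decode >>\n"
                    b"stream\n\x00\x00\x00\x00\nendstream\nendobj\n%%EOF\n")

if __name__ == "__main__":
    for name, blob in [("photo.gif", SAMPLE_GIF), ("photo.gif", SAMPLE_DISGUISED)]:
        print(name, triage(name, blob) or "ok")
```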