On June 21, Apple released iOS 16.5.1, macOS 13.4.1, iPadOS 16.5.1, and watchOS 9.5.2 updates for iPhone, Mac, iPad, and Apple Watch users. The company recommends that users download and install them immediately to patch dangerous vulnerabilities.
 |
| Apple releases patch for iPhone spying vulnerability. |
Accordingly, Apple has received information about vulnerabilities that may have been exploited for iOS versions 15.7 and earlier. Two of these were discovered and reported by security researchers at Kaspersky.
In addition, the iOS spyware used in the Triangulation campaign has just been announced by Kaspersky. Specifically, after gaining system privileges on iOS devices through exploiting kernel vulnerabilities, the TriangleDB malware implant will be deployed in memory, meaning all traces of it will be lost when the device is restarted.
Additionally, Apple patched a zero-day WebKit vulnerability reported by an anonymous researcher that could allow attackers to execute arbitrary code on unpatched devices.
Thus, the iPhone maker patched three zero-day vulnerabilities in macOS Ventura 13.4.1, macOS Big Sur 11.7.8, macOS Monterey 12.6.7, iOS 15.7.7 and iPadOS 15.7.7, iOS 16.5.1 and iPadOS 16.5.1, watchOS 9.5.2 and watchOS 8.8.1. The list of affected devices includes: iPhone 8 and later, iPad Air 3 and later, iPad mini 5 and later, iPad 5 and later, iPad Pro; iPhone 6s, iPhone 7, iPad Air 2, iPad mini 4, iPhone SE 1, iPod touch 7; Monterey and Ventura, Mac computers running macOS Big Sur; Apple Watch 3 and later and SE.
Since the beginning of the year, Apple has patched a total of nine zero-day vulnerabilities that were exploited in the wild on iPhones, iPads, and Macs.
Source
Comment (0)