News

Apple also fixes zero days in OS X after iOS

By admin
Spread the love

Apple has released a security patch for OS X versions Yosemite and El Capitan, which fixes two vulnerabilities. An update was also released for the Safari browser, which also fixes a security vulnerability.

Details about the update have been posted by Apple on its website. These are two leaks with identification codes CVE-2016-4655 and CVE-2016-4656. Both are so-called zero day vulnerabilities that allow unauthorized access to the kernel. Furthermore, Safari version 9.1.3 was released, which fixed a third zero day vulnerability. This was CVE-2016-4657, and details of the patch are on Apple’s website.

The update follows after Apple released version 9.3.5 of iOS earlier this week. This also eliminated these three zero days. The security holes allowed attackers to gain access to the kernel of an iOS device. This allows data such as messages, telephone conversations and information from all kinds of apps to be stolen. All three security holes were found by Citizen Lab and Lookout companies. Because Apple uses a lot of the same code for OS X and iOS, the bugs can be found in both the mobile and desktop OS.

The zero days in question may have been abused for years. Malware called Pegasus has surfaced, and research into the software in question is said to have led to the Israeli NSO Group, owned by the American Francisco Partners.

You might also like
News

Apple has been working on its own search engine for years. It’s called…

News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones