Apple recently released iOS 16.3 and macOS 13.2 updates for iPhone, iPad, and Mac devices, providing important security patches and fixes for two significant vulnerabilities. A security research firm shared details about these vulnerabilities, which would allow a remote user to bypass Apple’s protections and access a user’s personal data, including camera, microphone, and call history.
Trellix, the security research firm, found flaws that allowed the NSO Group to exploit security protections, which were introduced to block ForcedEntry security exploits in 2021. The research firm reported these flaws to Apple.
The NSPredicate tool, used by developers to filter code, was shored up with a protocol called NSPredicateVisitor to improve the security of Apple’s software. ForcedEntry could bypass this mechanism, giving attackers access to a user’s device. According to Trellix, an attacker could also exploit the security flaw to gain access to sensitive data from other apps on the device, including messages, call logs, photos, and location details.
While there is no evidence that these vulnerabilities have been exploited by bad actors, users are urged to update their devices to the latest version of iOS and macOS to protect against these security flaws. Apple has also updated its release notes, crediting Trellix Senior Security Researcher Austin Emmitt with identifying the security flaws (CVE-2023-23530 and CVE-2023-23531) on both mobile and desktop operating systems. The security firm thanked Apple for its quick response to resolving both flaws.
Also see: Gautam Adani slips in rankings
——————————————————————————-
It would mean the world to us if you follow us on Twitter, Instagram and Facebook.
At Newscazt, we strive to bring you the latest news and stories from India, World, Business, Sports, Entertainment and more. Our team of experienced journalists and writers are committed to delivering accurate and unbiased news and analysis.
We respect the intellectual property rights of others and expect our users to do the same. If you believe that any content appearing on our website infringes your copyright, please let us know by sending your DMCA notice to dmca@newscazt.com providing us with all relevant information.