Serious Security Vulnerabilities Discovered in Apple’s Operating System
On April 18th, it was announced that Kaspersky, an antivirus software, had once again discovered a very serious vulnerability in Apple\’s operating system. Attackers can gain root p
On April 18th, it was announced that Kaspersky, an antivirus software, had once again discovered a very serious vulnerability in Apple’s operating system. Attackers can gain root privileges, which may compromise the security of user assets. These very serious security vulnerabilities in iOS and macOS have been exploited by attackers. To address these vulnerabilities, Apple quickly released updates to previous versions. These vulnerabilities are crucial, please update them quickly.
Kaspersky: Apple has released an update for operating system vulnerabilities, please update iOS and macOS immediately
Apple has recently been in the spotlight due to serious security vulnerabilities that have been discovered in their operating system. On April 18th, Kaspersky, a leading antivirus software, made an announcement that these vulnerabilities may compromise the security of user assets. The attackers can gain root privileges, which can lead to significant data theft and exploitation. In this article, we will delve deeper into the details of the vulnerabilities that have been discovered in iOS and macOS operating systems.
Overview of the Vulnerabilities
The vulnerability primarily exists in the Apple operating system’s codes that process parsing of the Universal Plug and Play (UPnP) packets. The UPnP packets are important for the network devices to discover each other and establish link communication. Attackers, by sending packets with malformed payloads, can exploit the vulnerability to gain root privileges on the device. Root access allows attackers to install malicious software, access sensitive data, and control the device remotely. The vulnerability has been rated as one of the highest criticality levels by the Common Vulnerability Scoring System (CVSS) and is cataloged as “CVE-2021-30665.”
How Attackers Exploit the Vulnerability
The attackers can exploit the vulnerability using different methods. They can either send a specially crafted packet to a user’s device on an external network, or they can use a network attack tool to automatically locate vulnerable devices actively. Attackers can use various methods to exploit the vulnerabilities. For example, attackers can create phishing websites, which lead to downloads of infected files containing malware through a user’s browser. Phishing emails that exploit the vulnerability may also be seen by users because email programs utilize the network discovery capabilities continuously. Therefore, users may accidentally download or open the emails, leading to infection or compromise of their systems.
Apple’s Response
To address the recent vulnerabilities, Apple swiftly released updates to their previous versions. Apple users can update their devices automatically by going to the settings app and clicking on the ‘software update’ option. This is a crucial update since the vulnerability is rated a severity score of 9.8 (out of 10) by the CVSS apparatus.
How to Protect Yourself
It is essential to update your Apple devices as soon as possible to avoid exploitation of this vulnerability. As a precautionary measure, users must be careful when downloading any unknown files. They should also keep their devices up-to-date to avoid any security issues. Users should also use reputed antivirus software to protect themselves from any potential threats.
Conclusion
The recent security vulnerabilities in Apple’s operating system have raised concerns amongst users. Attackers can exploit these vulnerabilities to compromise devices and sensitive data theft. Apple has taken swift actions to address the vulnerabilities by releasing updates to previous versions. As a responsible user, updating your devices to the latest version is critical to safeguard it against these vulnerabilities.
FAQs
Q1. What is the severity level of the vulnerability discovered in Apple’s operating system?
The vulnerability discovered in Apple’s operating system has a severity level score of 9.8 (out of 10) by the Common Vulnerability Scoring System (CVSS) apparatus.
Q2. How can an attacker exploit the Apple operating system’s vulnerability?
Attackers can exploit the Apple operating system’s vulnerability by sending packets with malformed payloads to the network devices. By exploiting this vulnerability, attackers can gain root privileges on the device, install malicious software, access sensitive data, and control the device remotely.
Q3. What should Apple users do to protect their devices from exploitation?
Apple users should update their devices as soon as possible to the latest version. They should also be careful while downloading any unknown files and utilize reputable antivirus software to protect their devices.
This article and pictures are from the Internet and do not represent Fpips's position. If you infringe, please contact us to delete:https://www.fpips.com/20966/
It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.
Recommended articles
-
What does mining in blockchain mean
What does mining mean in blockchain? Mining is a digital currency that performs calculations on the network, also known as encrypted assets. It is considered to be one of the oldest concepts in the computer field, but with the increasing use of decentralized Cryptocurrency such as Bitcoin, its value is also rising; From another perspective, blockchain solves this problem through mining, providing new ideas and approaches for the development of the industry So, what exactly is mining? Simply put, storing data on a secure, transparent, and traceable network. If we place the data of the entire network on a ledger or a node, we can verify the transaction and confirm whether it is legal and its authenticity. So in such a situation, a large amount of computing power is required to ensure the security of the system Therefore, during the mining process, it is necessary to mine these data to avoid unnecessary or unpredictable situations. For ordinary users, in addition…
-
Baidu Launches Big Language Model “ERNIE Bot”
It is reported that Robin Lee, CEO of Baidu, announced that Baidu officially launched the big language model “ERNIE Bot”. From March 16, the first batch of users can experience the product on the official website of ERNIE Bot through the invitation test code, which will be opened to more users in the future. Baidu officially launched the big language model “ERNIE Bot” Analysis based on this information:The world of artificial intelligence continues to evolve and Baidu, one of China’s leading technology companies, is at the forefront of it. Baidu CEO, Robin Lee, recently announced the official launch of the big language model “ERNIE Bot”, offering an innovative and practical solution to the growing communication needs of businesses and individuals. According to reports, the “ERNIE Bot” is based on Baidu’s in-house developed deep neural network architecture, known as “ERNIE” (Enhanced Representation through kNowledge IntEgration). This architecture is designed to provide deep understanding of written and spoken language and is capable…
-
Institutions transferring SNXs to Coin An: Implications for Synthetix
According to reports, Lookonchain monitoring data shows that institutions that purchased approximately 5.437 million SNXs from Synthetix Treasury for $1500 from March 14 to March 16 transferred 2.66 million SNXs (approximately $7.5 million) to Coin An five hours ago. Data: An institution transferred 2.66 million SNXs to Coin An today, approximately $7.5 million Analysis based on this information:The cryptocurrency market is constantly evolving and changing, with new activities and transactions happening every day. Recently, Lookonchain monitoring data has reported a significant transfer of SNXs, the proprietary token of blockchain-based synthetic asset platform Synthetix, from institutions to Coin An. The institutions reportedly purchased approximately 5.437 million SNXs from Synthetix Treasury for $1500 between March 14 and March 16, and then transferred 2.66 million SNXs (approximately $7.5 million) to Coin An five hours ago. This transfer and purchase indicate a strong institutional interest in Synthetix as well as the wider cryptocurrency market. It is an early indicator of the demand for Synthetix’s…
-
NBA star “Magic” Johnson submits an NFT trademark application
According to reports, according to two U.S. Patent and Trademark Office documents 97843294 and 97843322 disclosed by trademark attorney Mike Kondoudis on social media, NBA star \”Ma
-
What is the currency of usat (What is the currency of usg)?
What is the currency of usat? According to IMEOS, usat is a blockchain-based de
-
Grayscale’s Total Position and Trust Premium Rates
It is reported that the on-chain data shows that the current total position of grayscale is up to $21158 million, and the trust premium rate of mainstream curr…
-
Universal Ledger Completes $10 Million Financing: The Future of Wallet as a Service
According to reports, Universal Ledger, a wallet as a service provider, announced the completion of a $10 million financing, led by Hard Yaka. Universal Ledger aims to help users b
-
Binance to Launch CFX 1-20 Times U Standard Perpetual Contract
According to the official announcement, Binance will launch the CFX 1-20 times U standard perpetual contract at 22:30 on February 20.
Binance will laun…
-
Bluesky, the decentralized social network supported by Jack Dorsey, set to launch on the App Store
It is reported that Bluesky, a Twitter alternative supported by Jack Dorsey, has released an invitation beta in the App Store. According to the report, Bluesky…
-
Huge RNDR Transfer to Coin An and Huobi
On March 13, it was reported that an address with 16.04 million RNDRs initially allocated would transfer 3 million RNDRs (valued at about $3.51 million) to Coin An, according to the ember monitoring of data analysts on the chain. After the address obtained RNDR on March 15, 2021, it continued to sell or transfer RNDR through DEX to trading platforms such as Coin An and Huobi. 1. Acquire more than 16 million RNDR initial allocation addresses and transfer 3 million RNDR to Coin An Analysis based on this information:On March 13, an address holding 16.04 million RNDRs transferred 3 million RNDRs to Coin An, which is valued at approximately $3.51 million. According to data analysts, this transfer was closely monitored on the chain. The same address continued to sell or transfer RNDRs through DEX to other trading platforms such as Huobi after acquiring RNDRs on March 15. The RNDR token is a utility token on the Rendereum platform, which is…
-
Staging Labs Completes $1.1 Million Funding Round to Improve Crypto Security
According to reports, Staging Labs, a crypto transaction security solution provider, announced the completion of a $1.1 million pre seed round of financing with the participation of Florish Ventures. The company hopes to establish the same regulatory and system protection in traditional financial fields in the crypto world to prevent fraud and fraud. Staging Labs completed a $1.1 million pre feed round of financing Analysis based on this information:Staging Labs, a crypto transaction security solution provider, has completed a $1.1 million pre-seed round of financing with the participation of Florish Ventures. The funding will allow the company to take steps towards establishing regulatory and system protection in the crypto world, similar to that of traditional financial fields, with the aim of preventing fraud and enhancing security. Despite its increasing popularity, the cryptocurrency market continues to be plagued by security challenges. Crypto exchanges and wallets have become a target for hackers and fraudsters due to their perceived security vulnerabilities. This has…
-
The server returned an error message:That model is currently overloaded with other requests. You can retry your request, or contact us through our help center at help.openai.com if the error persists. (Please include the request ID ef04da25b123c17c0f740eccfc9e6bda in your message.)
On April 4th, it was announced that the football metaverse project TOPCOAL has received millions of dollars in investment from DWF Labs, a Web3 venture capital company and digital
-
BNB Chain Updates Dapp Bay High-Risk dApp Red Alert Project List
On April 17th, BNB Chain updated its Dapp Bay high-risk dApp red alert project list. This week\’s list includes Pinaki, Elvantis, Leech Protocol, Streamflow, Only Brain, XOP Project
-
What brand is VeChain (latest VeChain news)
What brand is VeChain, also known as VeChain.On September 16, 2018, according to
-
Soul Bound Tokens (SBTs): Are They Frauds or Innovation?
On April 28th, Daniel Buchner, the head of Decentralized Identity (DID) network for Jack Dorsey\’s payment company Block, stated at the 2023 Consensus Conference that Soul Bound Tok
-
Sensorium Announces Investment Agreement With DWF Labs
On April 6, it was reported that Sensorium, an AI driven metauniverse project, officially announced that it had reached an investment agreement with DWF Labs. According to the requ