9 months ago
66
Apple released iOS 17.1.2 and iPadOS 17.1.2 earlier on Thursday with patches for a few zero-day vulnerabilities that were discovered lately. Both the zero-day vulnerabilities were related to WebKit browser engine affecting iPhone XS and later, iPad Pro 10.5” and 11” 1st-gen and later, iPad Air 3rd-gen and later, iPad Pro 12.9” 2nd-gen, as well as iPad 6th-gen & later and finally, iPad mini 5th & later.
According to the reports, the first vulnerability, if exploited, would’ve allowed attackers to find sensitive information when the device is processing web content. Identified as CVE-2023-4291, the vulnerability was discovered by Clement Lecigne of Threat Analysis Group at Google. The Cupertino-based giant has been aware of the issue that affects ioS 16.7.1 and older.
The report adds the flaw would allow attackers to read beyond buffer potentially exposing sensitive information such as bank accounts and credit cards details.
The second of the flaws identified as CVE-2023-42917 deals with the web content processing where an arbitrary code execution would allow attackers to run code or commands potentially stealing personal information. Unfortunately, some of the users might have already been victim to these vulnerabilities on iPhones and iPads running iOS 16.7.1 and other.
In any case, the iOS 17.2 and iPadOS 17.2 has successfully patched these issues. You can check out for the OTA update via Settings >> General >> Software Update.
You can follow Smartprix on Twitter, Facebook, Instagram, and Google News. Visit smartprix.com for the most recent news, reviews, and tech guides.
English (US)