HackDig : Dig high-quality web security articles for hacker

Apple Patches Include iOS 9.1 Update, Pangu Jailbreak Fix

It was only three weeks ago that Apple patched its core line of products and pushed its latest version of OS X, El Capitan. Yet another wave of patches arrived Thursday however to address scores of vulnerabilities in OS X, iOS, Safari, iTunes, and even the company’s smart watch operating system, watchOS.With the iOS update, iOS 9.1, Apple effectively k
Publish At:2015-10-22 03:40 | Read:2467 | Comments:0 | Tags:Apple Vulnerabilities apple Apple patches El Capitan ios iPh

Apple watchOS2 Includes Host of Code-Execution Patches

Apple today brought a smile to the face of gadget geeks with the release of watchOS2, and for the second time in five months, a new version of the Apple Watch operating system brought with it a flurry of security patches.This round includes more than a dozen code execution vulnerabilities in a number of components, along with some certificate validation issu
Publish At:2015-09-22 00:30 | Read:2604 | Comments:0 | Tags:Apple Mobile Security Vulnerabilities apple Apple patches Ap

Apple Patches QuickTime Crash and Code Execution Flaws

Apple on Thursday pushed out a new version of QuickTime for Windows that patched nine vulnerabilities, including a handful reported Aug. 13 by Cisco Talos and Fortinet researchers.All five flaws, if exploited, could lead to a crash of the media player or code execution in some cases, Apple said in its advisory. Two other vulnerabilities reported by Cisco and
Publish At:2015-08-21 12:00 | Read:1688 | Comments:0 | Tags:Apple Vulnerabilities apple Apple patches Apple Quicktime de

Apple Patches Critical OS X DYLD Flaw in Monster Update

Apple yesterday patched a critical privilege escalation vulnerability in OS X 10.10 that was disclosed in early July. The flaw in OS X’s dynamic linker called dyld was specific to a new feature that allowed for error logging to arbitrary files.Researcher Stefan Esser shared details of the vulnerability and source code for a kernel extension that mitiga
Publish At:2015-08-14 21:20 | Read:2860 | Comments:0 | Tags:Apple Vulnerabilities Web Security apple Apple patches apple

Apple Fixes Cookie Access Vulnerability in Safari on Billions of Devices

When Apple pushed out its most recent round of patches last week it fixed a cookie vulnerability that existed in all versions of Safari, including those that run on iOS, OS X, and Windows. According to researchers who dug it up, the number of affected devices may total one billion.The issue – present in Webkit – is technically a cross-domain vulnerability, m
Publish At:2015-04-15 01:55 | Read:2521 | Comments:0 | Tags:Apple Vulnerabilities Web Security apple Apple patches Cooki

Details Disclosed on Darwin Nuke Bug in OS X, iOS

Since Apple released a monster batch of patches for OS X and iOS last week, details on a number of the vulnerabilities that were addressed have been made public.The latest concerns a kernel vulnerability in the Darwin operating system, an open-source OS developed and used by Apple in its desktop and mobile platforms. The so-called Darwin Nuke bug, CVE-201
Publish At:2015-04-13 17:55 | Read:2839 | Comments:0 | Tags:Apple Hacks Mobile Security Vulnerabilities apple Apple patc

Older Versions of OS X Remain Vulnerable to Rootpipe ‘Hidden Backdoor API’

UPDATE: Apple patched the so-called Rootpipe backdoor in OS X, but only in current versions of Yosemite. According to the researcher who found the vulnerability, Apple told him that it would not backport the fix to 10.9.x and older.The vulnerability, located in the OS X Admin framework, was patched Wednesday in a monster OS X update in Yosemite 10.10.3. E
Publish At:2015-04-11 01:55 | Read:2699 | Comments:0 | Tags:Apple Vulnerabilities apple Apple patches apple security App

Apple Patches 80 Bugs in OS X Yosemite 10.10.3

Apple on Wednesday released close to 80 security updates for OS X, including remote code execution vulnerabilities in a dozen components that were patched in Yosemite 10.10.3.The OS X update was released the same day as an extensive update in iOS 8.3 that patched three dozen code execution and privilege escalation vulnerabilities. Details are trickling ou
Publish At:2015-04-09 17:50 | Read:1608 | Comments:0 | Tags:Apple Vulnerabilities apple Apple OS X patches Apple patches

Apple Fixes Proxy Manipulating Phantom Attack in iOS 8.3

If left unpatched, one of the vulnerabilities fixed in this week’s iOS update could render an iPhone near useless. If triggered, it could cause networking apps to quit, the system to grind to a halt. In some cases, the device wouldn’t even be able to be rebooted.The vulnerability, nicknamed Phantom by researchers at FireEye, stems from a misconfi
Publish At:2015-04-09 17:50 | Read:1795 | Comments:0 | Tags:Apple apple Apple patches ios iphone Patch management Phanto

Apple Patches WebKit Vulnerabilities in Safari

Apple on Tuesday pushed out new versions of its Safari browser that address 17 security vulnerabilities in the WebKit engine.Safari 8.04, 7.14 and 6.24 patch multiple memory corruption issues in WebKit, Apple said.“These issues were addressed through improved memory handling,” Apple said in its advisory.The advisory is sparse in other details on
Publish At:2015-03-18 17:00 | Read:1918 | Comments:0 | Tags:Apple Vulnerabilities Web Security apple Apple patches apple

Thunderstrike Patch Slated for New OS X Build

In addition to patching the three Project Zero vulnerabilities disclosed last week, Apple is apparently readying a fix for the Thunderstrike boot attack as well, something that will purportedly rid all Macs running Yosemite of the issue.All of the vulnerabilities have reportedly been fixed in Yosemite 10.10.2, the next build of the OSX, currently in beta and
Publish At:2015-01-27 03:55 | Read:6322 | Comments:0 | Tags:Apple Vulnerabilities Apple OS X Apple patches Bootkit Explo

Apple Pulls Latest Round of Safari Patches

Apple has pulled a batch of security updates for Safari that it initially released yesterday. The updates were set to address several usability and security issues in the browser including some that could have led to code execution and data exfiltration.While notes for the patches are still published in the security section of Apple’s support site, the
Publish At:2014-12-04 19:35 | Read:2205 | Comments:0 | Tags:Apple Vulnerabilities apple Apple patches code execution Mem

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud