Apple Patches 22 Vulnerabilities in WebKit

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
Apple this week released a new set of patches to address various security flaws across its product portfolio, including 22 bugs impacting WebKit.

Most of these vulnerabilities, Apple has revealed, could be exploited for the arbitrary execution of code during the processing of maliciously crafted web content. The vulnerabilities are memory corruption issues that have been addressed with improved memory handling.

A total of 19 such flaws were addressed, along with 3 other vulnerabilities that could lead to universal cross site scripting. Also triggered by maliciously crafted web content, these vulnerabilities were addressed with improved state management.
All 22 vulnerabilities impact iOS and were addressed with the release of iOS 12.4 this week. The platform update also addresses 15 other flaws in Core Data, FaceTime, Found in Apps, Foundation, Heimdal, libxslt, Messages, Profiles, Quick Look, Siri, Telephony, UIFoundation, and Wallet.

These flaws could result in memory leaks, arbitrary code execution, unexpected application termination, the intercepting of communications between services to perform unauthorized actions, viewing sensitive information, and restricted access to websites.
The vulnerability addressed in Telephony could allow the initiator of a phone call “to cause the recipient to answer a simultaneous Walkie-Talkie connection,” Apple explains in an advisory.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top