McDonald's welcomes Disney executive Kareem Daniel to its board which brings the number of directors to 15.
Tencent reportedly takes an aggressive approach to gain major stakes in more gaming companies outside China
Leaked Pixel Watch 'Active' bands will cost $49, but the more expensive metal bands will launch at a later time
Celsius' co-founder Daniel Leon steps down just a week after CEO and co-founder Alex Mashinsky resigned.
Geely buys a stake in Ashton Martin which is set to launch its new fully electric vehicle models in 2025.
Leaked technical specifications of the regular Pixel 7 model suggest very few changes from its predecessor
Hyundai Glovis buys GEAA car auction dealer to sell used vehicles online and expand its business in the US.
iPhone and iPad update fixes kernel and WebKit security flaws that ‘may have been actively exploited’
iPhone and iPad users may want to immediately install the iOS 15.6.1 and iPadOS 15.6.1 updates on their devices. Apple confirmed on Wednesday that these updates address security issues that were possibly “actively exploited.”
In a security support post published on Wednesday, Apple confirmed that the iOS 15.6.1 and iPadOS 15.6.1 address security flaws identified as CVE-2022-32894 and CVE-2022-32893 that could allow attackers to implement “arbitrary code execution.”
Like in previous security issues reports, Apple did not provide specifics on these security incidents. The company only said both flaws were discovered by an anonymous researcher. But in both cases, the tech giant confirmed, “Apple is aware of a report that this issue may have been actively exploited.”
The updates are advised to be installed on a host of iPhone and iPad models. The list includes iPhone 6S and later, all iPad Pro models, iPad Air 2 and later, iPad 5 and later, iPad mini 4 and later, and the seventh-gen iPod touch.
SocialProof Security CEO Rachel Tobac said (via The Guardian) said the nature of these security flaws could have allowed attackers to gain “full admin access” to a target device. And because they target WebKit and gain kernel privileges, attackers could execute codes with the same level of access as the device owner.
While everyone using the above-mentioned devices is advised to install the said updates, Tobac added that these updates are more significant for iPhone and iPad users “in the public eye” like activists and journalists.
Apple did not specify which group or individuals have exploited the flaws addressed in iOS 15.6.1 and iPadOS 15.6.1. But this would not be the first time that an iOS or iPadOS security issue has been used to execute a spyware tool. The iPhone maker sued Israel’s NSO Group last November, accusing it of targeting and surveilling Apple users with its proprietary Pegasus spyware.
The lawsuit was filed a few months after the media non-profit Forbidden Stories reported, based on a leak with 50,000 phone numbers allegedly targeted by NSO’s clients, that Pegasus was used against at least 180 journalists around the world. “Potential targets also include human rights defenders, academics, businesspeople, lawyers, doctors, union leaders, diplomats, politicians and several heads of states,” Forbidden Stories added.
What is a semiconductor? An electrical engineer explains how these critical electronic components work and how they are made