Apple issues critical updates for iPhones, iPads and Macs after the discovery of a serious security flaw
Apple has issued a warning about a security flaw that could be used to take full control of iPhones, iPads and Macs. The company says that the vulnerability "may have been actively exploited" and has issued a slew of updates to patch the problem.
Going some way to prove that it is not just Windows that suffers serious security issues, this vulnerability is tracked as CVE-2022-32893. The potential impact of the flaw is so wide because it stems from a bug in Safari’s WebKit rendering engine.
Microsoft reveals 'powerdir' macOS vulnerability that allows unauthorized user data access
Microsoft has revealed details of a security vulnerability in macOS that could be exploited to gain unathorized access to user data.
The vulnerability, which has been named 'powerdir' and is being tracked as CVE-2021-30970, involves a logic issue in the Transparency, Consent and Control (TCC) security framework. The security and privacy problem was discovered by the Microsoft 365 Defender Research Team and was reported to Apple is mid-July last year.
macOS has an unpatched Finder vulnerability that hackers can use to run arbitrary commands
Apple makes much of the security of its products, but vulnerabilities are certainly not unknown. SSD Secure Disclosure has revealed details of a zero-day flaw affecting Finder in macOS. It can be exploited to run arbitrary commands without displaying any messages, prompts or warnings.
The vulnerability was discovered by independent security researcher Park Minchan, and it is present in macOS Big Sur and earlier. The flaw relates to the way macOS processes .inetloc (internet location) files and Apple has made a poor, easily circumvented attempt to fix it in the most recent version of its Mac operating system.