iPhone 5S 又拿到安全性更新了:iOS 12.5.7 (2023/01/23)
source link: https://blog.gslin.org/archives/2023/01/25/11039/iphone-5s-%e5%8f%88%e6%8b%bf%e5%88%b0%e5%ae%89%e5%85%a8%e6%80%a7%e6%9b%b4%e6%96%b0%e4%ba%86%ef%bc%9aios-12-5-7-2023-01-23/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
iPhone 5S 又拿到安全性更新了:iOS 12.5.7 (2023/01/23)
Apple 又針對 iOS 12 釋出安全性更新了:「About the security content of iOS 12.5.7」。
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.
Description: A type confusion issue was addressed with improved state handling.
這次的更新是 backport 去年十二月在 Safari 16.2 上修正的 CVE-2022-42856:
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution.
所以這包跟上次一樣 (參考先前寫的 「iOS 12.5.6」這篇),也是在修正 RCE 類的漏洞,這樣對於 iPhone 5S 等於是進入第九年的支援了。
之前在網路上有看到有人在猜是因為海外有很多異議人士拿這隻手機,所以美國政府「希望」Apple 能夠針對一些高危險性的安全漏洞提供更新?
Related
iOS 12.5.6
早上發現 iPhone 6 Plus 被自動更新到 iOS 12.5.6,查了一下發現是八月底的時候 Apple 推了一版 WebKit 的 ACE,CVE-2022-32893:「About the security content of iOS 12.5.6」。 Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was…
September 18, 2022In "Computer"
iOS 透過無線網路的 RCE...
在「About the security content of iOS 10.3.1」這邊的說明: Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A stack buffer overflow was addressed through improved input…
April 4, 2017In "Computer"
居然在安全性漏洞的 PoC 上面看到拿 Bad Apple!! 當作範例
人在日本的資安專家 Hector Martin 找到了 Apple M1 的安全漏洞,可以不用透過 macOS Big Sur 提供的界面,直接透過 M1 的漏洞跨使用者權限傳輸資料,這可以用在突破 sandbox 的限制。而也如同目前的流行,他取了一個好記的名字:「M1RACLES: M1ssing Register Access Controls Leak EL0 State」,對應的 CVE 是 CVE-2021-30747。 先講比較特別的點,PoC 的影片放在 YouTube 上,作者拿 Bad Apple!! 當作示範,這很明顯是個雙關的點: 這應該是當年的影繪版本,看了好懷念啊... 當年看到的時候有種「浪費才能」的感覺,但不得不說是個經典。 在 Hacker News 上有討論可以翻翻:「M1racles: An Apple M1 covert channel vulnerability (m1racles.com)」。 依照作者的說明,Apple A14 因為架構類似,也有類似的問題,不過作者沒有 iPhone,沒辦法實際測試: Are…
May 27, 2021In "Computer"
Leave a Reply
Your email address will not be published. Required fields are marked *
Comment *
Name *
Email *
Website
Notify me of follow-up comments by email.
Notify me of new posts by email.
To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)
Post navigation
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK