Apple Fixes actively exploited iPhone, iPad kernel vulns
In addition, a misconfigured server spills Thomson Reuters data; VMware fixes a significant hole in retired software; and Malwarebytes apologises for wearing a hoodie.
Apple has fixed an actively exploited iPhone and iPad kernel vulnerability. Apple said the bug is an out-of-bounds write, in which data is written past the end or before the beginning of a buffer. Apple credited an unnamed security researcher with reporting the problem. Possible consequences are data corruption, a crash, or the opportunity to run arbitrary code with kernel privileges.
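To make the bug class concrete, here is an added C example (not Apple's code, and not taken from the advisory) of an out-of-bounds write of the kind described above. The `struct record`, its field sizes, the `set_name_unchecked` and `set_name_checked` functions and the sample inputs are all constructed for illustration; the unchecked variant shows the defect pattern and is never called with an oversized input here, while the checked variant shows the bounds validation a fix adds.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: a fixed-size record of the kind a kernel driver might
 * keep per device or session. The name field is NAME_LEN bytes and the flags
 * field sits directly after it in memory, so any write that runs off the end
 * of name[] lands in flags (and whatever follows it). */
#define NAME_LEN 16

struct record {
    char name[NAME_LEN];
    uint32_t flags;
};

/* Vulnerable pattern (illustrative only; never exercised with an oversized
 * input in this program): the caller-supplied length is trusted and never
 * compared with the size of the destination. A len greater than NAME_LEN is
 * exactly the out-of-bounds write described in the text, writing past the
 * end of the buffer into neighbouring memory. */
void set_name_unchecked(struct record *r, const char *src, size_t len) {
    memcpy(r->name, src, len);
}

/* Hardened pattern: validate the length against the destination size before
 * touching memory, and fail loudly rather than truncating silently.
 * Returns 0 on success and -1 when the input would not fit (one byte is
 * reserved for the terminator). */
int set_name_checked(struct record *r, const char *src, size_t len) {
    if (r == NULL || src == NULL || len >= NAME_LEN) {
        return -1;
    }
    memcpy(r->name, src, len);
    r->name[len] = '\0';
    return 0;
}

/* Self-check: returns 1 if the hardened setter rejects an input longer than
 * NAME_LEN and leaves both the buffer and the neighbouring flags field
 * untouched, 0 otherwise. */
int checked_setter_preserves_neighbour(void) {
    struct record r;
    const char oversized[] = "0123456789abcdefghij"; /* 20 bytes > NAME_LEN */

    memset(&r, 0, sizeof r);
    r.flags = 0xABCDu;
    if (set_name_checked(&r, oversized, sizeof oversized - 1) != -1) {
        return 0;
    }
    return r.flags == 0xABCDu && r.name[0] == '\0';
}

int main(void) {
    struct record r;
    int rc;

    memset(&r, 0, sizeof r);

    /* A name that fits is accepted. */
    rc = set_name_checked(&r, "kernel", 6);
    printf("short name: rc=%d name=%s\n", rc, r.name);

    /* An oversized name is refused and nothing adjacent is corrupted. */
    printf("oversized name rejected, neighbour intact: %s\n",
           checked_setter_preserves_neighbour() ? "yes" : "no");
    return 0;
}
```

The point of the checked variant is that the length comparison happens before any memory is written and the failure is reported to the caller, so a malformed input from an untrusted source becomes an error return rather than silent corruption of whatever lies after the buffer.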
To fix this and 19 additional issues, Apple released updates for iOS 16.1 and iPad OS 16. Six of the bugs were kernel-related. Others affected the iOS Sandbox, Core Bluetooth, and the graphics and GPU drivers.
Apple’s security notice for the fixes does not give the specifics of the already-exploited vulnerability, the scope of exploitation, or who may have been attempting to exploit it.
The patch notes list the people credited with alerting Apple to these issues. Many of them may have been drawn in by Apple’s improved bug bounty programme, which the firm says has paid researchers roughly $20 million in awards since it began operating two and a half years ago.
In a press release that simultaneously announced the launch of an Apple Security Research website, Apple boasted that this made the Apple Security Reward the fastest-growing bounty program in business history.
Security researchers working on Apple issues can contact Cupertino through the new website, which Apple describes as a two-way street: visitors can “hear about the latest advancements in Apple security from our engineering teams, submit us your own research, and collaborate directly with us to be recognized and rewarded for helping keep our users safe,” according to Apple.
Apple Security Research also offers trackers so that researchers can monitor the progress of their reports. By clearly stating the bounty information and evaluation criteria, Apple says, the site increases transparency, allowing researchers to decide where to focus their work and predict whether a report would qualify for a particular payout.
3 TB of user data made available online through a Thomson Reuters database
Security researchers examining Thomson Reuters’ website discovered three unprotected databases containing information that could be worth millions of dollars on dark web forums for use in supply chain attacks.
The three databases were easy to locate and scan, but one server stood out because it held 3TB of “critical, current information from across the company’s platforms,” according to the Cybernews research team.
According to the researchers, the ElasticSearch database contained plain text information such as password reset logs (though no actual credentials were exposed), SQL logs showing the queries that Thomson Reuters clients were running, and the documents returned by those queries.
Given that the database holds more than 6.9 million unique records and occupies more than 3TB of server space, the researchers concluded there is a good probability the open instance included considerably more sensitive material.
Thomson Reuters stated that it valued the efforts of ethical security researchers and underlined that it took swift action once made aware of the problem. According to Thomson Reuters, two of the servers were intended to be publicly accessible and were not a concern; the third ElasticSearch server was not supposed to be exposed, but the company does not consider it a major issue.
According to Thomson Reuters, the ElasticSearch server is a non-production device that “only holds application logs from the non-production environment connected with a limited fraction of Thomson Reuters Global Trade clients,” who the company says had already been informed.
VMware fixes a defect in a discontinued product
To address a significant issue in its Cloud Foundation platform, VMware had to go back into the archives and patch old software.
The problem lies in the open source XStream library. If exploited by an attacker, it could allow remote code execution with root rights “due to an unauthenticated endpoint that employs XStream for input serialization.” Remote exploitability, a low degree of complexity, and no user input being required make the flaw attractive to a would-be hacker.
Patching is crucial because, according to VMware, proof-of-concept attack code for the vulnerability—logged as CVE-2021-39144 and rated 9.8/10 on the CVSSv3 scale—is already accessible online.
The end-of-life product receiving the patch is VMware NSX Data Center for vSphere 6.4, which reached end of life in January of this year; the update takes it to version 6.4.14.
In the same security update, VMware also corrected a second, far less critical problem. According to the advisory, an unauthenticated attacker could use an XML external entity vulnerability in VMware Cloud Foundation to perform a denial-of-service attack or disclose data.
In contrast to the XStream vulnerability’s severe score, VMware rated this problem only 5.3 on the CVSSv3 scale.
Sorry for the hoodie
Information security and humor don’t typically go together, but Malwarebytes made a welcome exception last week with a tweet that apologized for using the clichéd image of a hacker working on a malicious project while wearing a hoodie.