Apple patches 47 vulnerabilities in iOS, MacOS and WatchOS devices

Apple patches 47 vulnerabilities in iOS, MacOS and WatchOS devices

Apple has released security patches for as many as 47 security flaws in iOS, macOS, and WatchOS devices.

Apple's WebKit browser engine for iOS and Safari contained as many as 23 security flaws which made it vulnerable to remote code execution.

Remote code execution using a malicious web page may allow hackers to infiltrate a device and take control over it. Apple disclosed as many as 16 vulnerabilities in WebKit that could allow remote code execution, one of which was reported by the UK's National Cyber Security Centre.

Is Apple’s iPhone the most secure phone in the world?

According to Apple, the new security patches will not only prevent memory corruption but will also enhance memory handling. They will also prevent hackers from spoofing address bars to get users to click on malicious links.

With the new iOS 10.3.3 upgrade, Apple has also fixed other issues like disclosure of user information through a maliciously crafted XML document, arbitrary code execution using a maliciously crafted archive, unexpected termination of the Messages app by a remote attacker, notifications appearing on the lock screen even when disabled, and exfiltration of data cross-origin by malicious websites.

A number of vulnerabilities that Apple has now patched were reported by Google's Project Zero team, Japanese security firm Trend Micro, Baidu Security Lab and Tencent's Xuanwu Lab. Apple also encourages bug hunters by launching its highly-publicised bug bounty programmes, offering up to £150,000 to bug catchers.

Use Apple & Cisco at work? Get ready for cyber security insurance discounts

Aside from receiving timely security fixes, Apple's business customers now have an added benefit. Last month, Apple and Cisco announced that businesses that use products from both companies will get discounts on cyber security insurance premiums.

Cisco will also release the new Cisco Security Connector app for iPhone and iPad later this year. The app will, Cisco says, 'deliver the deepest visibility, control, and privacy for iOS devices' and will offer businesses the best protection no matter where they are located.

Copyright Lyonsdown Limited 2021

Top Articles

Facebook's lawsuit against ban on EU-US data transfers dismissed

The High Court in Ireland has dismissed Facebook's lawsuit against the Irish DPC's decision to ban it from transferring the data of EU residents to the US.

DarkSide extracts $4.4m ransom from German chemical distribution company

The DarkSide ransomware group extracted a ransom payment of $4.4 million in Bitcoin from Brenntag, a German chemical distribution company.

HSE ransomware attack: All you need to know

Ireland's HSE suffered a Conti ransomware attack that forced it to shut down all IT systems, and cancel non-essential appointments.

Related Articles