Apple patches 47 vulnerabilities in iOS, MacOS and WatchOS devices

Apple patches 47 vulnerabilities in iOS, MacOS and WatchOS devices

Apple has released security patches for as many as 47 security flaws in iOS, macOS, and WatchOS devices.

Apple’s WebKit browser engine for iOS and Safari contained as many as 23 security flaws which made it vulnerable to remote code execution.

Remote code execution using a malicious web page may allow hackers to infiltrate a device and take control over it. Apple disclosed as many as 16 vulnerabilities in WebKit that could allow remote code execution, one of which was reported by the UK’s National Cyber Security Centre.

Is Apple’s iPhone the most secure phone in the world?

According to Apple, the new security patches will not only prevent memory corruption but will also enhance memory handling. They will also prevent hackers from spoofing address bars to get users to click on malicious links.

With the new iOS 10.3.3 upgrade, Apple has also fixed other issues like disclosure of user information through a maliciously crafted XML document, arbitrary code execution using a maliciously crafted archive, unexpected termination of the Messages app by a remote attacker, notifications appearing on the lock screen even when disabled, and exfiltration of data cross-origin by malicious websites.

A number of vulnerabilities that Apple has now patched were reported by Google’s Project Zero team, Japanese security firm Trend Micro, Baidu Security Lab and Tencent’s Xuanwu Lab. Apple also encourages bug hunters by launching its highly-publicised bug bounty programmes, offering up to £150,000 to bug catchers.

Use Apple & Cisco at work? Get ready for cyber security insurance discounts

Aside from receiving timely security fixes, Apple’s business customers now have an added benefit. Last month, Apple and Cisco announced that businesses that use products from both companies will get discounts on cyber security insurance premiums.

Cisco will also release the new Cisco Security Connector app for iPhone and iPad later this year. The app will, Cisco says, ‘deliver the deepest visibility, control, and privacy for iOS devices’ and will offer businesses the best protection no matter where they are located.

Copyright Lyonsdown Limited 2021

Top Articles

Double trouble: the rising threat of double-extortion ransomware

Ransomware attackers continue to threaten businesses at an increasing scale, speed and sophistication.

The blurring line between nation-state and cyber-criminals

Russia is widely known to be involved in a plethora of cyber-criminal activity.

XDR: Delivering value where SIEMs fail

Implementing an XDR solution means faster detection, and remediation of cyber incidents

Related Articles

[s2Member-Login login_redirect=”” /]