Apple iPhone and iPad users, it's time for another iOS upgrade
On Friday, March 26, Apple delivered an emergency update to iOS and iPadOS to fix a zero-day flaw in WebKit, the browser rendering engine underlying Safari and other browsers running on Apple mobile devices.
Apple's security advisory grimly notes that "Apple is aware of reports that this issue may be actively exploited," meaning it is already being used to hack iPhones and iPads. Updating devices to iOS 14.4.2 and iPadOS 14.4.2 will fix this issue.
A "zero-day" security flaw is one that is used in an attack before the software developer is aware of it, so the developer has "zero days" to fix the flaw.
Fortunately, updating an iPhone or iPad is easy. Most of the time, you just get a notification that the update is ready. Tap it and proceed.
You can also force the update by making sure the device is connected to the Internet via a local Wi-Fi network, going to Settings > General > Software Update, and tapping Download and Install.
If Wi-Fi is not available, you can use a USB cable to tether your iDevice to a "trusted" computer. On a Mac running macOS 10.15 Catalina or later, the phone should pop up in the Finder. On a Mac running macOS 10.14 Mojave or earlier, open iTunes and the iPhone should appear.
Locate the iPhone page in either the Finder or iTunes, click on "General" or "Settings," then click on "Check for Updates." When the update appears, click "Download and Update."
The flaw lets malicious websites and web pages trigger "universal cross-site scripting" in WebKit, Apple says.
This is really bad because it means that a malicious person could embed code in a website that could redirect you to a malicious website or steal information such as passwords or credit card numbers from your browser.
This is the second emergency update for iPhone and iPad this month, following a patch in early March that fixed another WebKit flaw.
Apple states that this new problem was "addressed by improving object lifetime management," but one can only guess what that means.
Credit for discovering this flaw goes to Clément Lecigne and Billy Leonard, researchers in Google's Threat Analysis Group.