top of page

Patch your iPhones and iPads now – Urgent security update from Apple blocks zero-day exploit

  • Writer: Rachel Hanlon
    Rachel Hanlon
  • Sep 14, 2021
  • 1 min read

Description

Apple released security update to fix two zero-day vulnerabilities CVE-2021-30860 and CVE-2021-30858. The attacker can exploit these vulnerabilities by sending a maliciously crafted PDF which could led to arbitrary code execution on the targeted system. CVE-2021-30860: The Integer Overflow vulnerability exists in CoreGraphics which could allow the threat actors to create malicious PDF documents that execute commands when accessed by the targeted victim.

CVE-2021-30858: The Use after free vulnerability exist in WebKit which could allow the threat actors to create maliciously crafted web page that execute commands when accessed by the targeted victim.


Users of the below products are advised to review the security update pages:

  • macOS Big Sur 11.6

  • macOS Catalina

  • watchOS 7.6.2

  • iOS 14.8 and iPadOS 14.8

  • Safari 14.1.2

Recommendation

It is recommended to update apple devices to their latest available version.

Reference

  • https://support.apple.com/en-us/HT212804

  • https://support.apple.com/en-us/HT212805

  • https://support.apple.com/en-us/HT212806

  • https://support.apple.com/en-us/HT212807

  • https://support.apple.com/en-us/HT212808

  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30860

  • https://us-cert.cisa.gov/ncas/current-activity/2021/09/13/apple-releases-security-updates-address-cve-2021-30858-and-cve




Commenti


Testimonials

Ibec - For Irish Business

"Ibec engaged with VISO two years ago.  While our primary objective was to improve our information security posture, we were also looking for a long-term partner with expertise and knowledge of the continually evolving cyber landscape. The professionals at VISO are a pleasure to work with and their team is always on hand when we need them."

2-3 Prospect Road, Glasnevin, Dublin 9, D09 K5V2

Telephone: Ireland +353 1 9121331  U.K.  +44 20 30260575

 

We simplify Cyber Security 

Privacy Policy

  • Twitter
  • Facebook
  • LinkedIn

© 2022 proudly created by The Rainbow Vault

ISO 27001 Cyber Security standard_Awarded to VISO Cyber Security
cyberessentials_certification- awarded to VISO Cyber Security
bottom of page