Security researcher Saar Amar on Monday published a proof of concept (PoC) of a kernel-level vulnerability dubbed CVE-2021-30883 that was patched by Apple’s iOS & iPadOS 15.0.2 software updates.
The write-up reignited hope that we’d see a jailbreak for recent iterations of Apple’s mobile operating systems, and perhaps unsurprisingly, some security researchers have already started going hands-on with it.
When Apple released iOS & iPadOS 15.0.2 on Monday, one of the major changes was a security patch for a vulnerability reported in IOMobileFrameBuffer in which memory corruption could have resulted in an app executing arbitrary code with kernel-level privileges.
Facebook will nudge teens on Instagram away from harmful content as well as encourage children to take a break from its toxic photo-sharing platform for a while.
The Facebook-owned WhatsApp messaging service is now testing end-to-end encryption for iCloud backups. The feature was designed to protect your chat archive while it's being uploaded to or downloaded from iCloud and stored on Apple's servers (at rest).
You can now choose between a trio of different duration presets for WhatsApp's disappearing messages, such as 24 hours and 90 days, instead of the default 7-day timer.
In a major reversal, the App Store's Report a Problem link is back after being removed without explanation a few years ago. This time around, however, the feature includes a pair of significant improvements that are aimed at better tackling scams and fraud on the platform.
Apple has boosted the security and privacy of iCloud services further by switching end-to-end encryption for Safari bookmarks, preventing anyone but you from accessing them.
Apple has acknowledged that it's aware of a serious vulnerability plaguing its personal item tracker, dubbed AirTag. The nasty bug allows nefarious actors to redirect the person who finds and scans a lost AirTag to a phishing website instead of the Apple one. The company has confirmed it is working on a fix, saying the solution will be arriving in the next software update.
It was only about a week after Apple released iOS & iPadOS 14.8 with patches for the zero-click exploits that were actively weaponized in the wild and by the Pegasus spyware that iOS developer Mario Cheung released a jailbreak tweak called FORCEDEXIT to address the issue on pwned handsets running affected firmware versions.
Today, Cheung seems to be at it again with a new and free jailbreak tweak dubbed EntitlementFix, which allegedly fixes three additional 0-day exploits known to impact jailbreakable versions of Apple’s mobile operating systems.
In a somewhat unexpected move, Apple on Thursday released iOS 12.5.5, a small firmware update for older iPhones, iPads, and iPod touches that are incapable of running iOS or iPadOS 13 and later.
Last week, Apple released iOS & iPadOS 14.8 to the general public with important security patches for a zero-click exploit that could have resulted in arbitrary code execution.
Advanced fraud protection for Apple Card owners is now available as part of the iOS 15 update, which automatically rotates the card's three-digit security code every now and then.