On Tuesday, Apple corrected a critical security vulnerability on the zero day in all iPhone and IPAD models, and said it may have been exploited in a “very sophisticated attack against specific targeted individuals” using older versions of iOS.
The weakness, followed by Cve-2015-24201, resides in Webkit, the browser engine that drives Safari and all other browsers developed for iPhone and iPad devices. The most affected devices include the third generation of iPhone XS, iPad Pro 13 inches, iPad Pro 12.9 inches, then the first generation of iPad Pro 11 inches, and then, the third generation of iPad Air, AFRAD 7TH GENERATION, iPad Mini 5th Generation and iPad later. The weakness of a mistake is written on memory sites outside the border.
Complementary repair
“Impact: The web content designed in a harmful way may be able to get out of the web content sand box”, I wrote Apple in naked consultative. “This is an additional solution to an attack banned in iOS 17.2. (Apple realizes a report that this problem may have been used in a very advanced attack against targeted individuals specific to iOS versions before iOS 17.2.)
The consultant did not say whether one of the researchers was discovered by weakness or a person outside the company. This chain often provides evidence about those who carried out the attacks and who targeted the attacks. The consultant also did not say when the attacks or the duration of which it continued began.
The update brings the latest versions from both iOS and iPados to 18.3.2. Users who face the biggest threat are likely to be the targets of well -funded law enforcement agencies or national state spies. They must install the update immediately. Although there is no indication that the weakness is exploited against a broader group of users, it is a good practice of installing updates within 36 hours of being available.