Source: STANCA SANDA via Alamy Stock Photo
The latest Apple security update includes a fix for an actively exploited security vulnerability that could allow arbitrary code execution on iPhone 8 and above.
The bug, fixed with the iOS 16.1.2 update, is a type confusion issue in the WebKit browser engine. Type confusion occurs when a piece of code doesn’t verify the type of object that is passed to it; in this case, it can be be triggered when processing specially crafted content, Apple noted in its advisory.
As for the active exploitation, the mobile giant noted that it is “aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.”
Apple has been plagued by zero-day exploits over the past several months.
Vulnerabilities/ThreatsMobileEndpointVulnerability Management
More Insights
Editors’ Choice
Webinars
Network Segmentation and Microsegmentation: Keys to the Next Generation of Enterprise DefenseZero Trust Security 101: What You Need to Know Before Getting StartedA Roadmap to Zero Trust: Steps for Meaningful Progress Amongst the Hype
Reports
How Machine Learning, AI & Deep Learning Improve CybersecurityImplementing Zero Trust In Your Enterprise: How to Get StartedSANS Institute Survey: The State of Cloud SecurityState of the Intelligent Information Management Industry in 2021Why You’re Wrong About Operationalizing AI
More Insights
Copyright (C) 2022 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.
Dark Reading