![]() Thanks to Apple for getting patch out so quickly. ![]() We saw this used in conjunction with a N-day remote code execution targeting webkit. Another zero-day in Apple’s software (CVE-2021-30869) is being actively exploited by attackers, forcing the company to push out security updates for macOS Catalina and iOS 12.įlagged by researchers Erye Hernandez and Clément Lecigne of Google’s Threat Analysis Group and Ian Beer of Google Project Zero, the vulnerability is a type confusion issue found in XNU, the kernel of Apple’s macOS and iOS operating systems.Īs usual, Apple did not share any details about the flaw, and said only that it allows a malicious application to execute arbitrary code with kernel privileges.Īnother Google TAG threat analyst shared that CVE-2021-30869 is being exploited in conjunction with a previously known WebKit vulnerabilities, and said that more details will be released after 30 days.Ġday privilege escalation for macOS Catalina discovered in the wild by
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |