Apple has patched a vulnerability that was potentially used by hackers in its iOS 12 upgrade for older iPhone and iPad models. The vulnerability was discovered by an anonymous researcher, who has received acknowledgment.
The flaw, identified as CVE-2022-32893 (CVSS score: 8.8), affects WebKit and is an out-of-bounds write problem that could result in arbitrary code execution when processing maliciously created web content, according to a document released by the firm on Wednesday.
A security vulnerability found in the platform affects users of Google Chrome, Mozilla Firefox, and Microsoft Edge as well because WebKit powers Safari and every other third-party browser accessible for iOS and iPadOS.
The security patch fixes a Safari vulnerability that might have allowed unauthorized access for users to parse maliciously created web content and execute arbitrary code. With enhanced bounds checking, the developers appear to have found a solution. Apple stated that they are already aware of a report that claims the problem may have been intentionally exploited.
Several older Apple devices, including the iPhone 5S, iPhone 6, iPhone 6 Plus, iPad Air, iPad Mini 2, iPad Mini 3, and iPod Touch, are compatible with the 275 MB update published to fix the vulnerability.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: