“This latest find shows once again that civil society is targeted by highly sophisticated exploits and mercenary spyware,” Citizen Lab said.Īs for CVE-2023-41061, it addresses a vulnerability found in Apple Wallet which also allows hackers to potentially execute malicious code on the device. So what are they? According to Citizen Lab, CVE-2023-41064 was used to inject the infamous Pegasus spyware onto devices, so information could be accessed without the owner’s knowledge. The company notes this, writing on both: “Apple is aware of a report that this issue may have been actively exploited.” The iOS 16.6.1 security page states that the update contains two fixes tracked as CVE-2023-41064 and CVE-2023-41061.īoth are Zero-Day vulnerabilities, which means hackers were able to target them before Apple could release a fix. While this is a fairly generic sentence that Apple often uses with dedicated security releases, the wording is accurate - this is important. This update provides important security fixes and is recommended for all users. I will keep tracking this and update this article should problems arise.Īpple’s iOS 16.6.1 release notes are short and sweet:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |