A New Kind of Bug Spells Trouble for iOS and macOS Security

[gadje]

Security researchers found a class of flaws that, if exploited, would allow an attacker to access people’s messages, photos, and call history.

https://www.wired.com/story/trellix-ios-...predicate/

[jonny]

“ Apple patched the NSPredicate vulnerabilities Trellix found in its macOS 13.2 and iOS 16.3 software updates, which were released in January. Apple has also issued CVEs for the vulnerabilities that were discovered: CVE-2023-23530 and CVE-2023-23531. Since Apple addressed these vulnerabilities, it has also released newer versions of macOS and iOS. These included security fixes for a bug that was being exploited on people’s devices. ”

[Speedy]

Just great. Now my wife can see how long my calls to 1-888-36D-bòóbs were.

[chopper]

"Apple has fixed the bugs the company found, and there is no evidence they were exploited."

[gadje]

Sorry, this was meant as a reminder to update your devices.