Jakub Karnik iOS 12 was originally supposed to be just an improved version of the previous iOS 11, but is that really the case? After discovering a critical bug in group FaceTime calls where it was possible to eavesdrop on the other party without receiving the call, two more bugs are coming.
Hackers managed to use the mentioned errors even before they were known to Apple. Well, at least with this statement he came Google security expert Ben Hawkes, who claims that Apple in the change log iOS 12.1.4 identified the bugs as CVE-2019-7286 and CVE-2019-7287.
It could be interest you
Dan Pražák For the attack, the hackers used a so-called zero-day attack, which in informatics is the name of an attack or threat that tries to exploit software vulnerabilities in the system, is not yet generally known and there is no protection for it (in the form of antivirus or updates). The title here does not indicate a number or any number of days, but the fact that the user is at risk until the update is released.
It's not entirely clear what the bugs were used for, but one of them involved a memory issue where iOS allowed apps to repeatedly gain elevated permissions. The second bug involved the system kernel itself, but other details are unknown. The bug affected all Apple devices that can install iOS 12.
iOS 12.1.4 also re-enables and fixes FaceTime group calls and should fix these two security flaws as well.
Photo: EverythingApplePro
Source: MacRumors
Cow. After all, the best and most secure system cannot have the xxxth version of an error.