Apple’s iOS 8.3 Jam-Packed with Security Fixes

0

Apples latest mobile OS update, iOS 8.3, includes a long list of security patches for over three dozen severe vulnerabilities.

Apples latest iOS 8.3 went live Wednesday night, having Apple and iOS fans in a craze. Apple’s latest upgrade fixes a number of vulnerabilities lodged within the mobile operating system’s kernel, a number of code-execution bugs and a long list of WebKit vulnerabilities. Apple also patched a severe flaw that could lead to the user’s credentials being sent to the wrong server by accident. The issue stems from a bug within the CFNetwork Session component in iOS.

“A cross-domain HTTP request headers issue existed in redirect handling. HTTP request headers sent in a redirect response could be passed on to another origin. The issue was addressed through improved handling of redirects (CVE-2015-1091),” Apple’s security advisory read.

pia red

Accompanied by the code-execution vulnerabilities are a number of memory corruption bugs in the FontParser component of the operating system, alongside a bug in the CFURL (CVE-2015-1088) that can lead to a arbitrary code execution if the iOS users visits a maliciously crafted webpage.

Several more iOS vulnerabilities in the iOS kernel were patched by Apple’s latest iOS 8.3 release. One vulnerability allows a malicious app to run arbitrary code on the system-level with full privileges, and another kernel security flaw can let an app cause an unexpected system termination or read kernel memory. Lodged in iOS 8.3 are fixes for a kernel bug that allows an attacker with privileged network position to redirect iOS users to any host the attacker chooses. Another kernel flaw with the same circumstances could cause a denial-of-service.

Apple’s latest iOS 8.3 includes security patches for a swatch of vulnerabilities in the iOS operating system.

To upgrade to Apple’s latest iOS 8.3 to get all the additional security benefits navigate to Settings App, go to General > Software Update > Download and Install. Apple’s iOS 8.3 is supported by the iPhone 4S and later, iPod Touch 5th Generation and Later, iPad 2 and later iPad models.

Photo via Kārlis Dambrāns/Flickr [CC BY 2.0]

About Author

Brandon Stosh is the founder and CEO of www.freedomhacker.net. Stosh is a cyber security researcher and professional consultant who strives to provide reliable news on cyber-security based topics.

Leave A Reply

Send this to friend