[SANS ISC] Apple Patches for CVE-2021-30807, (Tue, Jul 27th)

Apple has released another update (previous update was only about 5 days ago) to address CVE-2021-30807 that was discovered by an anonymous researcher. This update resolves an issue with IOMobileFrameBuffer which could allow an application to execute arbitrary code with kernel privileges [1], [2]. This issue may have been actively exploited.

As Apple has indicated that this issue may have been actively exploited, it is recommended that affected devices be updated as soon as possible.

References:
[1] https://support.apple.com/en-us/HT212622
[2] https://support.apple.com/en-us/HT212623

———–
Yee Ching Tok, ISC Handler
Personal Site
Twitter

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Source: Read More (SANS Internet Storm Center, InfoCON: green)

You might be interested in …

[ThreatPost] Netgear Authentication Bypass Allows Router Takeover

All posts, ThreatPost

Microsoft researchers discovered the firmware flaws in the DGN-2200v1 series router that can enable authentication bypass to take over devices and access stored credentials. Source: Read More (Threatpost)

Read More

[TheRecord] Microsoft patches Office zero-day in today’s Patch Tuesday

Microsoft has released patches today for a zero-day vulnerability in one of the Windows components that was abused in the wild for attacks using weaponized Office documents. First disclosed last week, when Microsoft warned of the attacks and published basic mitigations, the OS maker has released official fixes as today, part of its monthly Patch Tuesday […]

Read More

[ZDNet] Zero trust and cybersecurity: Here’s what it means and why it matters

All posts, ZDNet

Security agency offers five reasons why a fashionable but ‘slippery’ concept might improve your defences. Source: Read More (Latest topics for ZDNet in Security)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.