Apple finally fixed Meltdown and a gap with a special link
By Palash Verma
Apple finally fixed Meltdown and a gap with a special link –
Apple released patches for iOS and macOS, among other vulnerabilities, they eliminate Meltdown and Specter, so the company recommends users to install patches sooner. On macOS, the update will be called High Sierra 10.13.3 or Security Update 2018-001 for computers based on Sierra and El Capitan. The main security point is the correction of CVE-2017-5754, better known as Meltdown. Earlier we wrote that Apple had taken measures regarding the Specter vulnerability . Also, less dangerous, but still serious vulnerabilities in the macOS core have been eliminated: exploited race condition (CVE-2018-4092), validation problem (CVE-2018-4093) and memory initialization error (CVE-2018-4090), which also allows read memory. Two other drawbacks, CVE-2018-4097 and CVE-2018-4082, allow the application to run code in the context of the kernel, which leads to hacking the entire system. The browser engine WebKit also received fixes for three vulnerabilities (CVE-2018-4088, CVE-2018-4089, CVE-2018-4096), corresponding updates were implemented in Safari version 11.0.3 . For iOS devices, an update 11.2.5 was released, which fixed the problem when a special link caused a malfunction in the devices . In addition, the CVE-2018-4094 gap is removed, allowing you to remotely execute an audio file.
(Cyberops, Cyberops Infosec, VAPT, Cyber Security, Ethical Hacking, Secured Application Development)