Apple Claims Google is Spreading FUD Over Patched iPhone Bugs
Apple said Google’s recent analysis of vulnerabilities found January in iOS painted a misleading picture of the scope of the attacks and the risk involved
Mobile Security – Threatpost
Apple said Google’s recent analysis of vulnerabilities found January in iOS painted a misleading picture of the scope of the attacks and the risk involved
Mobile Security – Threatpost
Mozilla patched two Firefox zero-day flaws in one week Naked Security
Two emergency zero days affecting a browser in one week counts as unusual – especially when they pop up as separate alerts two days apart.
A recently patched vulnerability in text editors preinstalled in a variety of Linux distributions allows hackers to take control of computers when users open a malicious text file. The latest version of Apple’s macOS is continuing to use a vulnerable version, although attacks only work when users have changed a default setting that enables a feature called modelines.
Vim and its forked derivative, NeoVim, contained a flaw that resided in modelines. This feature lets users specify window dimensions and other custom options near the start or end of a text file. While modelines restricts the commands available and runs them inside a sandbox that’s cordoned off from the operating system, researcher Armin Razmjou noticed the source command (including the bang on the end) bypassed that protection.
“It reads and executes commands from a given file as if typed manually, running them after the sandbox has been left,” the researcher wrote in a post earlier this month.
Read 5 remaining paragraphs | Comments
In 1999, Apple released a slew of new features with Mac OS 9, calling it “the best internet operating … with some of this stuff when I was a very young kid—my very first hack when I was 12 years old …
mac hacker – read more