Friday, September 26, 2014

Apple iOS 8 fixes 53 vulns

Apple has released the latest version of iOS 8, fixing 53 vulnerabilities. Among these vulnerabilities, the most sever 'security threats' allow code execution with root privileges. Similarly other flaws can be exploited to execute arbitrary code with kernel or system privileges. Most vulnerabilities affect the WebKit browser engine that can be exploited when a victim is enticed to visit a specially crafted web page. iOS 8 minimize the threat of stealing Wi-Fi credentials by disabling the Lightweight Extensible Authentication Protocol (LEAP) which was not disabled by default in the earlier versions. <more>

No comments: