jrockbridge
Stealing Your Riffs
If you own an Apple device, iPhone, iPad, Mac, etc, update to the latest OS ASAP! The old OS's have a security vulnerability. So, unless you want to become some hacker's bitch, update.
Update Your Apple Device! Security Snafu!
- Thread starter jrockbridge
- Start date
jrockbridge
Stealing Your Riffs
I think the instructions for old Apple devices was different. Something like, "Place your head between your knees and kiss your a$$ goodbye."Doesn't it only affect Intel based Macs?
(of course my old mac book is an Intel)
jp_nyc
Kick Henry Jackassowski
The update addresses multiple vulnerabilities and the stories I read were unclear about if both of them were intel only or another one (maybe more) affect Apple silicon chips. Apple can be opaque about stuff like this so I updated for the sake of caution.Doesn't it only affect Intel based Macs?
(of course my old mac book is an Intel
jrockbridge
Stealing Your Riffs
Here is what has been published about iPhone....
and is recommended for all users. For information on the security content of Apple software updates, please visit this
website:
support.apple.com
pdate Nov. 21, 2024: This story, originally published Nov. 20, now includes details of a new CISA warning, as well as more expert advice on the fixes issued in iOS 18.1.1 and iOS 17.7.2.
Apple has issued iOS 18.1.1, an emergency iPhone update that you should apply now. That’s because iOS 18.1.1 fixes two serious security vulnerabilities, both of which are already being used in real-life attacks.
Apple doesn’t give much information about what’s fixed in iOS 18.1.1, to give people as much time to update as possible before more attackers get hold of the details. But the iPhone maker does say the iOS 18.1.1 update “provides important security fixes and is recommended for all users.”
Tracked as CVE-2024-44308, the first issue patched in iOS 18.1.1 is a flaw in the JavaScriptCore framework that could result in code execution if the user interacts with maliciously crafted web content. “Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems,” the iPhone maker said on its support page.
The second issue patched in iOS 18.1.1, tracked as CVE-2024-44309, is a flaw in WebKit, the engine that underpins Apple’s Safari browser. If exploited, a user could fall victim to a cross-site scripting attack, which sees an attacker inject malicious code into a trusted website or application.
Again, Apple said it is aware of a report that this issue “may have been actively exploited on Intel-based Mac systems.”
CISA says the Apple updates are important because “a cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.”
With this in mind, the agency says it encourages users and administrators to review the advisories and “apply necessary updates.”
iOS 18.1.1—Update Now Warning Issued To All iPhone Users
This update provides important security fixesand is recommended for all users. For information on the security content of Apple software updates, please visit this
website:
Apple security releases - Apple Support
This document lists security updates and Rapid Security Responses for Apple software.
pdate Nov. 21, 2024: This story, originally published Nov. 20, now includes details of a new CISA warning, as well as more expert advice on the fixes issued in iOS 18.1.1 and iOS 17.7.2.
Apple has issued iOS 18.1.1, an emergency iPhone update that you should apply now. That’s because iOS 18.1.1 fixes two serious security vulnerabilities, both of which are already being used in real-life attacks.
Apple doesn’t give much information about what’s fixed in iOS 18.1.1, to give people as much time to update as possible before more attackers get hold of the details. But the iPhone maker does say the iOS 18.1.1 update “provides important security fixes and is recommended for all users.”
Tracked as CVE-2024-44308, the first issue patched in iOS 18.1.1 is a flaw in the JavaScriptCore framework that could result in code execution if the user interacts with maliciously crafted web content. “Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems,” the iPhone maker said on its support page.
The second issue patched in iOS 18.1.1, tracked as CVE-2024-44309, is a flaw in WebKit, the engine that underpins Apple’s Safari browser. If exploited, a user could fall victim to a cross-site scripting attack, which sees an attacker inject malicious code into a trusted website or application.
Again, Apple said it is aware of a report that this issue “may have been actively exploited on Intel-based Mac systems.”
New CISA Warning—Update To iOS 18.1.1 Or iOS 17.7.2
The US Cybersecurity and Infrastructure Agency (CISA) has also issued a warning, telling businesses and users to update to iOS 18.1.1 or iOS 17.7.2, macOS Sequoia 15.1.1, visionOS 2.2.2 and Safari 18.1.1 as soon as possible. “Apple released security updates to address vulnerabilities in multiple Apple products,” the CISA alert says.CISA says the Apple updates are important because “a cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.”
With this in mind, the agency says it encourages users and administrators to review the advisories and “apply necessary updates.”
Why You Should Update To iOS 18.1.1 Now
While there are only two vulnerabilities fixed in iOS 18.1.1, they are “significant,” says Sean Wright, head of application security at Featurespace. “The JavaScriptCore vulnerability could allow attackers to remotely target victims to execute code on their devices,” he says. “This code would hopefully be limited to existing sandbox protections, but it could allow attackers to do things such as redirect users to malicious sites and potentially steal session tokens.”
jrockbridge
Stealing Your Riffs
I'm not a hacker, I'm just really good at accidentally changing the system settings and then forgetting how to fix them.
Dew Knot Humps
Splawnster
TL/DRHere is what has been published about iPhone....
iOS 18.1.1—Update Now Warning Issued To All iPhone Users
This update provides important security fixes
and is recommended for all users. For information on the security content of Apple software updates, please visit this
website:
Apple security releases - Apple Support
This document lists security updates and Rapid Security Responses for Apple software.
pdate Nov. 21, 2024: This story, originally published Nov. 20, now includes details of a new CISA warning, as well as more expert advice on the fixes issued in iOS 18.1.1 and iOS 17.7.2.
Apple has issued iOS 18.1.1, an emergency iPhone update that you should apply now. That’s because iOS 18.1.1 fixes two serious security vulnerabilities, both of which are already being used in real-life attacks.
Apple doesn’t give much information about what’s fixed in iOS 18.1.1, to give people as much time to update as possible before more attackers get hold of the details. But the iPhone maker does say the iOS 18.1.1 update “provides important security fixes and is recommended for all users.”
Tracked as CVE-2024-44308, the first issue patched in iOS 18.1.1 is a flaw in the JavaScriptCore framework that could result in code execution if the user interacts with maliciously crafted web content. “Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems,” the iPhone maker said on its support page.
The second issue patched in iOS 18.1.1, tracked as CVE-2024-44309, is a flaw in WebKit, the engine that underpins Apple’s Safari browser. If exploited, a user could fall victim to a cross-site scripting attack, which sees an attacker inject malicious code into a trusted website or application.
Again, Apple said it is aware of a report that this issue “may have been actively exploited on Intel-based Mac systems.”
New CISA Warning—Update To iOS 18.1.1 Or iOS 17.7.2
The US Cybersecurity and Infrastructure Agency (CISA) has also issued a warning, telling businesses and users to update to iOS 18.1.1 or iOS 17.7.2, macOS Sequoia 15.1.1, visionOS 2.2.2 and Safari 18.1.1 as soon as possible. “Apple released security updates to address vulnerabilities in multiple Apple products,” the CISA alert says.
CISA says the Apple updates are important because “a cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.”
With this in mind, the agency says it encourages users and administrators to review the advisories and “apply necessary updates.”
Why You Should Update To iOS 18.1.1 Now
While there are only two vulnerabilities fixed in iOS 18.1.1, they are “significant,” says Sean Wright, head of application security at Featurespace. “The JavaScriptCore vulnerability could allow attackers to remotely target victims to execute code on their devices,” he says. “This code would hopefully be limited to existing sandbox protections, but it could allow attackers to do things such as redirect users to malicious sites and potentially steal session tokens.”
jrockbridge
Stealing Your Riffs
nuke_diver
Riding Solo
I seem to recall most of the recent software updates have similar "security risk update immediately" warnings associated with them 
DinoMikeSr
I have the box
I have zero updates pending.