Apple confirmed Monday its devices were left vulnerable to an exploit that allowed for remote malicious code execution through web-based JavaScript, opening up an attack vector that could have part unsuspecting victims from their crypto.
According to a recent Apple security disclosure, users must use the latest versions of its JavaScriptCore and WebKit software to patch the vulnerability.
The bug, discovered by researchers at Google’s threat analysis group, allows for “processing maliciously crafted web content,” which could lead to a “cross-site scripting attack.”
More alarmingly, Apple also admitted it “is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.”
Apple also issued a similar security disclosure for iPhone and iPad users. Here, it says, the JavaScriptCore vulnerability allowed for “processing maliciously crafted web content may lead to arbitrary code execution.”
In other words, Apple became aware of a security flaw that could let hackers take control of a user’s iPhone or iPad if they visit a harmful website. An update
Go to Source to See Full Article
Author: Adrian Zmudzinski
Tip BTC Newswire with Cryptocurrency