Email or username:

Password:

Forgot your password?
Xe's posts Post Back to profile
Xe :verified:

hey uhhhhhhh, you should update your apple devices: support.apple.com/en-us/HT2137

>

An app may be able to execute arbitrary code with kernel privileges

Processing an image may lead to arbitrary code execution

An app may be able to leak sensitive kernel state

An app may be able to gain root privileges

An app may be able to execute arbitrary code with kernel privileges

An app may be able to modify protected parts of the file system

A remote attacker may be able to cause unexpected app termination or arbitrary code execution

Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.

Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

19 May 2023 at 11:35 | Open on pony.social
24 comments
Arch :arch:

@cadey Hot damn that's a packed update.

19 May 2023 at 11:37 | Open on floofy.tech
Xerz! :blobcathearttrans:

@cadey jailbreak time :blobcatrainbow:

19 May 2023 at 11:38 | Open on fedi.xerz.one
DELETED
Kye Fox

@cadey I moved up to a new iPhone, but it's nice to see I'd still get security patches for my 6S Plus even though it's officially out of support. edit: I assume this is related to a similarly severe patch for iOS 16+

19 May 2023 at 11:42 | Open on tech.lgbt
Xe :verified:

@Kye with apple, "out of support" doesn't mean they don't get updates, they just don't get new version upgrades. Apple has released security updates for iOS 9 in the past.

19 May 2023 at 12:01 | Open on pony.social
Kye Fox

@cadey The 6S was my first, and no one I asked could answer if it would still get security updates.

19 May 2023 at 12:11 | Open on tech.lgbt
Jimmy Jim

@cadey @Kye Apple does backport updates, but itβ€˜s no panacea. From what I’ve seen they tend to β€œtriage” and patch critical bugs, and it often (tho not in this case) comes out quite a bit later than the iOS 16 update.

19 May 2023 at 15:10 | Open on mastodon.social
Xe :verified:

@starchturrets @Kye it's better than the situation with Android lol

19 May 2023 at 15:11 | Open on pony.social
Jimmy Jim

@cadey @Kye yes. The situation on Android has been improving, but iOS still tends to get OS upgrades for longer before they need to get fixes backported, so it evens out in the end.

19 May 2023 at 15:15 | Open on mastodon.social
miifox
@cadey all i am thinking about is... could this be used for jailbreaking?
19 May 2023 at 12:50 | Open on akko.chir.rs
tyler!!
πŸ³οΈβ€πŸŒˆπŸŽƒπŸ‡§πŸ‡·LuanaπŸ‡§πŸ‡·πŸŽƒπŸ³οΈβ€πŸŒˆ :verified:

@cadey Or you should NOT update your device if you want a jailbreak anytime soon

19 May 2023 at 16:41 | Open on tech.lgbt
Sr. Estegosaurio πŸ¦•

@cadey "Kernel privileges" sounds really bad.

19 May 2023 at 18:00 | Open on mstdn.social
dxzdb

@cadey why is this only talking about iOS 15?

20 May 2023 at 0:36 | Open on mastodon.social
ch0ccyra1n :she_her::neocat_floof_cute:

@cadey
Can I pwease execute arbitrary code with kernel privileges uwu? :plcat:

20 May 2023 at 1:47 | Open on emeraldsocial.org
Ala5ka
errante
(((Jann Gobble)))πŸ³οΈβ€πŸŒˆ

@cadey Are you sure this link is the one you meant to send? 16.5 is the iOS update version being distributed by the app store and this is talking about 15.7.6...

20 May 2023 at 19:17 | Open on twit.social
:blobcatlaptop: gravitos :blobcatcomfsip:​

@cadey

>

An app may be able to execute arbitrary code with kernel privileges

isn't that a good thing? in theory, if i had an apple device, this would mean i can run android on it

21 May 2023 at 11:41 | Open on wetdry.world
Xe :verified:

@gravitos not if your threat model depends on webpages NOT doing that

21 May 2023 at 12:32 | Open on pony.social
Go Up