✔️ 2022-08-18 00:35:26 - Paris/France.
I-Apple namhlanje ikhuphe uhlaziyo lokhuseleko olungxamisekileyo ukulungisa ubuthathaka beentsuku ezimbini ezazixhatshazwa ngabahlaseli ukuba baqhekeze ii-iPhones, ii-iPads okanye iiMacs.
Ubuthathaka bosuku lwe-Zero ziziphene zokhuseleko ezaziwa ngabahlaseli okanye abaphandi ngaphambi kokuba umthengisi wesoftware azi ngabo okanye akwazi ukuzibamba. Kwiimeko ezininzi, iintsuku ze-zero zineempembelelo zobungqina boluntu okanye zixhatshazwa ngokusebenzayo kuhlaselo.
Namhlanje, i-Apple ikhuphe i-macOS Monterey 12.5.1 kunye ne-iOS 15.6.1/iPadOS 15.6.1 ukujongana nobuthathaka beentsuku ezimbini eziye zaxhatshazwa ngokusebenzayo.
Bobabini ubuthathaka buyafana kuzo zontathu iinkqubo zokusebenza, neyokuqala ichongiwe njenge-CVE-2022-32894. Obu bubuthathaka kukuphuma kwemida yokubhala ubuthathaka kwindlela yokusebenza yekernel.
I-kernel yinkqubo esebenza njengeyona nto iphambili yenkqubo yokusebenza kwaye inamalungelo aphezulu kwi-macOS, iPadOS, kunye ne-iOS.
Isicelo, esifana ne-malware, sinokusebenzisa obu buthathaka ukwenza ikhowudi ngamalungelo e-kernel. Njengoko eli lelona nqanaba liphezulu lelungelo, inkqubo iya kuba nako ukwenza nawuphi na umyalelo kwisixhobo, ngokusebenzayo ithatha ulawulo olupheleleyo phezu kwayo.
Umngcipheko wesibini wosuku lwe-zero yi-CVE-2022-32893 kwaye ingaphandle kwemida yokubhala ukuba semngciphekweni kwiWebKit, injini yesikhangeli sewebhu esetyenziswa nguSafari kunye nezinye izicelo ezinokufikelela kwiwebhu.
U-Apple uthi esi siphene sinokuvumela umhlaseli ukuba enze ikhowudi engafanelekanga kwaye, ngenxa yokuba ikwi-injini yewebhu, inokuthi ixhatshazwe ukude ngokundwendwela iwebhusayithi eyilwe ngobugwenxa.
Iibhugi zichazwe ngabaphandi abangaziwa kwaye zilungiswe yi-Apple kwi-iOS 15.6.1, i-iPadOS 15.6.1 kunye ne-macOS Monterey 12.5.1 kunye nemida ephuculweyo yokukhangela zombini iibhugi.
Uluhlu lwezixhobo ezichatshazelwa bubuthathaka bumi ngolu hlobo lulandelayo:
- IMac eqhuba iMacOS Monterey
- iPhone 6s kwaye kamva
- iPad Pro (yonke imifuziselo), iPad Air 2 yaye kamva, iPad 5th isizukulwana yaye kamva, iPad mini 4 yaye kamva, kunye iPod touch (7th isizukulwana).
I-Apple ibhengeze ukuxhaphazwa okusebenzayo endle, kodwa ayikhuphanga naluphi na ulwazi olongezelelweyo malunga nolu hlaselo.
Kusenokwenzeka ukuba ezi ntsuku ze-zero bezisetyenziswa kuphela kuhlaselo ekujoliswe kulo, kodwa kusacetyiswa ngamandla ukuba kufakwe uhlaziyo lokhuseleko lwanamhlanje ngokukhawuleza.
Iintsuku ezisixhenxe zero ezifakwe nguApple kulo nyaka
Ngo-Matshi, i-Apple yalungisa iibugs ezimbini ezongezelelweyo ze-zero-day ezisetyenzisiweyo kumqhubi we-Intel graphics (CVE-2022-22674) kunye ne-AppleAVD (CVE-2022-22675) ezinokuthi zisetyenziswe ukuqhuba ikhowudi ngamalungelo e-kernel.
NgoJanuwari, i-Apple yapapasha iintsuku ezimbini eziye zaxhatshazwa ngokukhutheleyo ezivumela abahlaseli ukuba benze ikhowudi engafanelekanga ngamalungelo e-kernel (CVE-2022-22587) kunye nokulandelela umsebenzi wokukhangela kwiwebhu kunye nezazisi zabasebenzisi ngexesha lokwenyani (CVE-2022-22594).
NgoFebruwari, i-Apple ikhuphe uhlaziyo lokhuseleko ukulungisa i-bug entsha yosuku lwe-zero esetyenziselwe ukugqekeza ii-iPhones, ii-iPads kunye neeMacs, ezikhokelela kukuphazamiseka kwenkqubo yokusebenza kunye nokwenziwa kwekhowudi ekude kwizixhobo ezisengozini emva kokucubungula umxholo wewebhu owenziwe ngonya.
SOURCE: Uphonononga Iindaba
Ungalibazisi ukwabelana ngenqaku lethu kwiinethiwekhi zentlalo ukusinika ukomelela okuqinileyo. 🤓