![]() ![]() Download and start additional apps without going through the App StoreĪpple hasn’t said how these bugs were found (other than to credit “an anonymous researcher”), hasn’t said where in the world they’ve been exploited, and hasn’t said who’s using them or for what purpose.Spy on any and all apps currently running. ![]() This almost certainly means that the attacker could: …could jump from controlling just a single app on your device to taking over the operating system kernel itself, thus acquiring the sort of “admininstrative superpowers” normally reserved for Apple itself. There’s also a kernel code execution hole dubbed CVE-2022-32894, by which an attacker who has already gained a basic foothold on your Apple device by exploiting the abovementioned WebKit bug… The CVE-2022-32893 vulnerability therefore potentially affects many more apps and system components than just Apple’s own Safari browser, so simply steering clear of Safari can’t be considered a workaround, even on Macs where non-WebKit browsers are allowed. Macs can run versions of Chrome, Chromium, Edge, Firefox and other “non-Safari” browsers with alternative HTML and JavaScript engines (Chromium, for example, uses Blink and V8 Firefox is based on Gecko and SpiderMonkey).īut on iOS and iPadOS, Apple’s App Store rules insist that any software that offers any sort of web browsing functionality must be based on WebKit, including browsers such as Chrome, Firefox and Edge that don’t rely on Apple’s browsing code on any other plaforms where you might use them.Īdditionally, any Mac and iDevice apps with popup windows such as Help or About screens use HTML as their “display language” – a programmatic convenience that is understandably popular with developers.Īpps that do this almost certainly use Apple’s WebView system functions, and WebView is based directly on top of WebKit, so it is therefore affected by any vulnerabilities in WebKit. Remember that WebKit is the part of Apple’s browser engine that sits underneath absolutely all web rendering software on Apple’s mobile devices. Simply put, a cybercriminal could implant malware on your device even if all you did was to view an innocent-looking web page. There’s a remote code execution hole (RCE) dubbed CVE-2022-32893 in Apple’s HTML rendering software (WebKit), by means of which a booby trapped web page can trick iPhones, iPads and Macs into running unauthorised and untrusted software code. Performance will vary based on system configuration, network configuration, network connection, and other factors.Apple just pushed out an emergency update for two zero-day bugs that are apparently actively being exploited. Tested with prerelease Safari 14.0.1 and WPA2 Wi-Fi network connection. Tested on preproduction MacBook Air and Mac mini systems with Apple M1 chip and 8-core GPU, as well as production 1.2GHz quad-core Intel Core i7-based 13-inch MacBook Air systems and 3.6GHz quad-core Intel Core i3-based Mac mini systems, all configured with 16GB RAM, 2TB SSD, and prerelease macOS Big Sur. ![]() “Up to 1.5x speedier at running JavaScript and nearly 2x more responsive”: Testing conducted by Apple in September and October 2020 using JetStream 2 and Speedometer 2.0 performance benchmarks. Performance will vary based on usage, system configuration, application workload, network connection, and other factors. Page load performance tested using snapshot versions of 10 popular websites under simulated network conditions with prerelease Safari 14.0.1 and Chrome v.121 on macOS. Tested with prerelease Safari 14.0.1, Chrome v.75, and Firefox v81.0.1 on macOS, as well as Chrome v.75, Microsoft Edge v86.0.622.38, and Firefox v81.0.1 on Windows Home, with WPA2 Wi-Fi network connection. Scores represent browsers that completed the test. Performance compared to other browsers on Mac and PC using JetStream 2, MotionMark 1.1, and Speedometer 2.0 benchmarks and Windows 10 Home, version 2004, running in Boot Camp. Not all features are available on all devices. Safari tested with HD 1080p content, Chrome and Firefox tested with HD 720p content, all on macOS. Battery life tested with display brightness set to 12 clicks from bottom or 75 percent. “World’s fastest browser,” “industry-leading battery life,” and “loads frequently visited sites an average of 50 percent faster than Chrome”: Testing conducted by Apple in October 2020 on production 1.4GHz quad-core Intel Core i5-based 13-inch MacBook Pro systems with 8GB RAM, 256GB SSD, and prerelease macOS Big Sur. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |