Home Users

Google warns about attacks on iPhone users.

One of Google’s leading security experts, Ben Hawkes, warns cybercriminals using two 0-day iOS vulnerabilities in real-world attacks. The attacks were fixed before Apple released iOS 12.1.4. IPhone users are recommended to install the patch released yesterday.

The security problem was reported by the team leader in the Project Zero project. Ben Hawkes, however, did not clarify what circumstances are required for the successful exploitation of these vulnerabilities.

Vulnerabilities received identifiers CVE-2019-7286 and CVE-2019-7287. Hawkis reported on their exploitation in real attacks on Twitter:

 “CVE-2019-7286 and CVE-2019-7287 in the iOS advisory today (https://support.apple.com/en-us/HT209520) were exploited in the wild as 0day.”

At the moment, it is not clear what exactly these two gaps are used for – for attacks around the world that have no specific purpose, or for a coordinated cyber spy campaign.

According to Apple, CVE-2019-7286 affects the Foundation framework – one of the key components of the iOS operating system. The second, CVE-2019-72867, affects the I/O Kit. An attacker could use a malicious application and execute code with kernel privileges.

 At the moment, neither Google nor Apple have commented on these security issues.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Streamingsafevpn pop-up ads (Virus Removal Guide)

Streamingsafevpn.com is a site that tries to force you into subscribing to its browser notifications…

1 day ago

Remove Psegeevalrat.net pop-up ads (Virus Removal Guide)

Psegeevalrat.net is a site that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove Thi-tl-310-a.buzz pop-up ads (Virus Removal Guide)

Thi-tl-310-a.buzz is a site that tries to force you into clik to its browser notifications…

2 days ago

Remove Toreffirmading pop-up ads (Virus Removal Guide)

Toreffirmading.com is a domain that tries to force you into subscribing to its browser notifications…

2 days ago

Remove News-xboveho.site pop-up ads (Virus Removal Guide)

News-xboveho.site is a domain that tries to force you into subscribing to its browser notifications…

2 days ago

Remove Glayingly pop-up ads (Virus Removal Guide)

Glayingly.com is a site that tries to trick you into subscribing to its browser notifications…

3 days ago