It is currently 15-12-2017 15:05

Operated Pegasus Trojan vulnerabilities affect iOS, OS X and Safari

Operated Pegasus Trojan vulnerabilities affect iOS, OS X and Safari

by sigismund » 2016-09-02 15:58:10


Vulnerability allows to remotely execute code, steal information from the memory and to implement a DoS attack.


As previously reported by SecurityLab, last week it became known about the malware AT the Pegasus. This sophisticated tool was developed by the Israeli company NSO Group involved in the creation of spyware for governmental structures and exploited three zero-day vulnerabilities in iOS. 25 Aug Apple released updates that fix these vulnerabilities.

However, as it turned out, the problem has affected not only the mobile OS, but also OS X and the Safari browser. It is not surprising, since both operating systems from Apple contain a large number of the same code, and therefore, are susceptible to the same vulnerabilities. Thursday, September 1, the vendor released patches for Safari, El Capitan and Yosemite that fixes the problem.

CVE-2016-4564 affects the kernel extension IOMobileFrameBuffer manage human buffer (framebuffer) and allows to execute arbitrary code or cause a denial of service. CVE-2016-4655 allows an attacker to steal information from memory and using CVE-2016-4656 possible to execute arbitrary code or perform a DoS attack.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5