Own an older iPhone? Check you’re on the latest version to avoid this bug

Categories: Apple

Categories: Exploits and vulnerabilities

Categories: News

Tags: iOS 12.5.7

Tags: CVE-2022-42856

Tags: type confusion

Tags: WebKit

Apple has now released security content for iOS 12.5.7 which includes a patch for an actively exploited vulnerability in WebKit and many other updates.

(Read more…)

The post Own an older iPhone? Check you’re on the latest version to avoid this bug appeared first on Malwarebytes Labs.

Read more

Update now! Apple patches active exploit vulnerability for iPhones

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: iOS 16.1.2

Tags: Safari 16.2

Tags: CVE-2022-42856

Tags: type confusion

Apple has released new security content for iOS 16.1.2 and Safari 16.2. to fix a zero-day security vulnerability that was actively exploited

(Read more…)

The post Update now! Apple patches active exploit vulnerability for iPhones appeared first on Malwarebytes Labs.

Read more

Update now! Emergency fix for Google Chrome’s V8 JavaScript engine zero-day flaw released

Categories: Exploits and vulnerabilities

Categories: News

Tags: V8

Tags: V8 JavaScript Engine

Tags: Google Chrome

Tags: Chrome

Tags: CVE-2022-4262

Tags: 108.0.5359.94

Tags: 108.0.5359.95

Tags: Chrome V8 flaw

Tags: type confusion

Google has rolled out an out-of-band patch for an actively exploited zero-day vulnerability in its V8 JavaScript engine. Make sure you’re using the latest version.

(Read more…)

The post Update now! Emergency fix for Google Chrome’s V8 JavaScript engine zero-day flaw released appeared first on Malwarebytes Labs.

Read more

SSD Advisory – Chrome Type Confusion in JSCreateObject Operation to RCE

Credit to Author: SSD / Ori Nimron| Date: Mon, 29 Oct 2018 09:21:47 +0000

Vulnerabilities Summary The following advisory discusses a vulnerability found in turbofan, the JIT compiler. We can trigger the JavaScript code in a way that leads to type confusion that can be exploited in order to execute code remotely on Google Chrome Versions 69.0 and before. Vendor Response Vendor has fixed the issue in Google Chrome … Continue reading SSD Advisory – Chrome Type Confusion in JSCreateObject Operation to RCE

Read more