Apple issued an urgent security update for Safari and OS X on Thursday after discovering vulnerabilities in its desktop operating system similar to those that were found in its mobile operating system last week. The vulnerabilities allow hackers and attackers to take control of a device remotely.
Apple issues fix for OS X and Safari
To fix the serious security flaws, Apple issued new security updates not only for El Capitan and Yosemite but also for the Safari browser. This will fix the problems that could give malicious software access to a device’s kernel, allowing unauthorized software to be installed on it.
The iPhone maker warned in its advisory that visiting a “maliciously crafted website” through its Safari browser could let attackers and hackers execute arbitrary code on the computer. In the release notes, the company notes that patches indicate problems with memory corruption and validation with OS X and that the new version of Safari blocks websites from running malware.
Jim O’Shaughnessy: Fear Signals Created By The Reptilian Brain
ValueWalk's Raul Panganiban interviews Jim O’Shaughnessy, Chairman, Co-chief Investment Officer, and Portfolio Manager at O’Shaughnessy Asset Management. In this part, Jim discusses the fear and emotional signals created by the reptilian brain. Q1 2020 hedge fund letters, conferences and more That's very cool. For the factor to try to seek the reason why it works, Read More
The vulnerability discovered in the desktop OS is the same that was found targeting mobile operating systems on a prominent Arab activist’s iPhone. A week earlier, Internet security experts found that the activist’s iPhone was being targeted by taking advantage of three previously unknown vulnerabilities in Apple’s mobile software.
Same issue for desktop and mobile
Ahmed Mansoor, a human rights researcher from the United Arab Emirates, was the first person to face an attack using the exploit. He was sent an SMS message with an unknown link which would have allowed the malware to dig into his iPhone’s kernel if he had followed the link. The hackers could have broken into his phone without his knowledge.
Apple responded to the vulnerability by launching an updated version of iOS (9.3.5). The mobile and desktop versions of the Safari browser share almost the same code base, because of which similar vulnerabilities showed up in OS X, notes CNET.
Mansoor was wise enough to not follow the suspicious link, and that kept his smartphone safe. If you are a Mac owner, then follow Mansoor’s lead and download all the latest security updates for your Mac as soon as possible. Also download iOS 9.3.5 update if you have not done that already.