Re: Yet again, Apple forgot to sufficiently test desktop & iOS versions

Liste des GroupesRevenir à m ipad 
Sujet : Re: Yet again, Apple forgot to sufficiently test desktop & iOS versions
De : jollyroger (at) *nospam* pobox.com (Jolly Roger)
Groupes : misc.phone.mobile.iphone comp.sys.mac.system comp.mobile.ipad
Date : 15. May 2024, 04:01:31
Autres entêtes
Organisation : People for the Ethical Treatment of Pirates
Message-ID : <laimsbFmkmhU5@mid.individual.net>
References : 1
User-Agent : slrn/1.0.3 (Darwin)
On 2024-05-15, Andrew <andrew@spam.net> wrote:
Yet again, Apple forgot to sufficiently test desktop & iOS versions.

Samsung has just released an update for its flagship devices—this
includes two ‘critical’ security fixes, one of which is late and should
be installed urgently....

Samsung is on a roll, and its flagship Galaxy users are again being
given an early look at the new Android monthly security update almost as
soon as Google reveals details of the urgent fixes being released this
time around.

That said, it’s not all smooth running. One critical fix that Google
included in its April security release is only just being made available
by Samsung now—this Qualcomm modem issue could potentially lead to a
memory corruption issue during a secure comms “handshake,” and such
memory vulnerabilities open doors to exploitation.

The other critical fix for May impacts the phone’s change log process,
which could lead to “local escalation of privilege with no additional
execution privileges needed.”

Details—as ever—remain scarce for now, but Google says the critical tag
“is based on the effect that exploiting the vulnerability would possibly
have on an affected device.” Such an attack in isolation would require
“platform and service mitigations” to be off, but vulnerabilities can be
exploited as part of a more sophisticated chain attack.

Over the coming days, Galaxy users will see the updates made available
as per usual—dependent upon region and carrier. Samsung will focus on
its newest, priciest devices first, and then work down the list. Owners
of older, cheaper devices may already be on a quarterly schedule—or
worse. You can find details here:

<https://security.samsungmobile.com/workScope.smsb>

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

Date Sujet#  Auteur
15 May 24 * Yet again, Apple forgot to sufficiently test desktop & iOS versions5Andrew
15 May 24 `* Re: Yet again, Apple forgot to sufficiently test desktop & iOS versions4Jolly Roger
15 May 24  `* Re: Yet again, Apple forgot to sufficiently test desktop & iOS versions3Jörg Lorenz
15 May 24   `* Re: Yet again, Apple forgot to sufficiently test desktop & iOS versions2Jolly Roger
15 May 24    `- Re: Yet again, Apple forgot to sufficiently test desktop & iOS versions1Andrew

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal