Sujet : Re: Three zero-days within months - Apple is on a roll for zero-day bugs in 2025
De : nuh-uh (at) *nospam* nope.com (Alan)
Groupes : misc.phone.mobile.iphone comp.mobile.ipad comp.sys.mac.systemDate : 27. May 2025, 02:14:49
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <10133m9$28not$2@dont-email.me>
References : 1
User-Agent : Mozilla Thunderbird
On 2025-05-23 18:58, Marion wrote:
*Three zero-days within months!*
<https://www.csoonline.com/article/3843999/apple-patches-zero-day-bugs-used-in-targeted-iphone-attacks.html>
The company suffered a total of twenty zero-day holes in 2023, including
the actively exploited RCE bugs, CVE-2023-32434 and CVE-2023-32435.
In 2024, Apple fixed six zero-day bugs, along with a string of critical
flaws including CVE-2024-23225 and CVE-2024-23296 which together allowed
attackers to bypass kernel memory protection.
This marks Apple's third zero-day fix since the start of the year,
following patches for CVE-2025-24085 in January and CVE-2025-24200 in
February.
Surprise! While Android has *never* had a Pegasus kernel exploit, iOS
constantly has them, in addition to the termite-ridden WebKit abomination.
Interesting your very careful phrasing there: "Pegasus KERNEL exploit"...
'Pegasus for Android
Pegasus for Android is the Android version of malware that has reportedly been linked to the NSO Group.'
<
https://attack.mitre.org/software/S0316/>
Three zero-days within months - Apple is on a roll for zero-day bugs in 2025
Re: Three zero-days within months - Apple is on a roll for zero-day bugs in 2025