Apple Releases Patch For Trident, A Trio Of iOS 0-Days

  /     /     /  
Publicated : 22/11/2024   Category : security


Apple Releases Patch For Trident, A Trio Of iOS 0-Days


Already rolled into the Pegasus spyware product and used to target social activists, the vulnerabilities are fixed in iOS 9.3.5.



Apple, today, released
patches
for a trio of iOS zero-day vulnerabilities that, when used together, enable an attacker to remotely, silently jailbreak the device phone and install highly sophisticated spyware upon it. 
The vulnerabilities, collectively called Trident, are patched in iOS version 9.3.5. They include CVE-2016-4655, Memory Corruption in Webkit, CVE-2016-4656, Information leak in Kernel, and CVE-2016-4657, Kernel Memory corruption leads to Jailbreak. 
The discovery was made by Lookout and Citizen Lab, who worked with Apple on the patch before making the disclosure. Citizen Lab was tipped off to the bugs first by United Arab Emirates-based
human rights defender Ahmed Mansoor,
who reported that he had received suspicious text messages. Citizen Lab and Lookout investigated, and found that Mansoor -- who has been targeted by lawful intercept malware in the past -- was now being targeted by Francisco Partners Managements Pegasus spyware product, which was now equipped to exploit this trio of undisclosed iOS zero-day vulnerabilities.
For more information, see the
blog at Lookout
.
 

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Apple Releases Patch For Trident, A Trio Of iOS 0-Days