Apple launched its new mobile operating system iOS 15 and iPadOS 15 on September 20, and here is already the second update, just ten days after the first. This time it contains a security patch for a zero-day flaw, in other words, already exploited by hackers.
The flaw numbered CVE-2021-30883 is attributed to an anonymous researcher and affects the IOMobileFrameBuffer component, a kernel extension that acts as a display buffer. A memory corruption bug allows the execution of arbitrary code. As usual, Apple does not disclose more details on this flaw. To better understand, we must turn to a publication of the researcher Saar Amar.
A flaw present since at least iOS 14.7.1
By using the BinDiff tool, a binary file comparison tool, he was able to spot the changes made by the update and thus write code to test the flaw. According to him, it is present in iOS 15.0 and 14.7.1 and, probably, in earlier versions of the operating system. It does not require any special permission and could be used as the basis for a jailbreak (unlock) of iOS.
This is the first security update for the new mobile operating system. iOS and iPadOS 15.0.2 is available for iPhone 6s, iPad (5th generation), iPad Pro, iPad Air 2, iPad mini 4, iPod touch and all newer models. All owners of iPhones and other Apple mobile devices are encouraged to install this update as soon as possible.
Read more on Futura “class =” link rapid-noclick-resp “>> Read more on Futura
Read also on Futura
–
