- Joined
- Jan 1, 2014
- Messages
- 629
- Reaction score
- 52
- Points
- 28
- Your Mac's Specs
- MacBookPro 13 v11.1, i5 2.4 GHz, 256 GBs SSD, 8 GBs DDRs
Apple's latest update for iOS patches three security vulnerabilities for iOS, one is Face Time bug and two of them are active attacks in the wild.
The two attacks in the wild relied on memory corruption, where applications could gain either elevated privilege or execute arbitrary code. While it's great that Apple patched these, it brings up a question.
What happens to iOS devices that had already been exploited via the memory corruption based attack, prior to the current security patch applied? Will the patches retro-actively close the application's elevated privilege and/or right to execute arbitrary code? And if it does not, would getting rid of these mean resetting/reinstalling iOS?
Obviously, there isn't much one can do to recover any of the data that had been exploited by these two attacks. Other than "standard" change your passwords that stored on the iOS device, request new credit cards, etc., as applicable.
TIA...
The two attacks in the wild relied on memory corruption, where applications could gain either elevated privilege or execute arbitrary code. While it's great that Apple patched these, it brings up a question.
What happens to iOS devices that had already been exploited via the memory corruption based attack, prior to the current security patch applied? Will the patches retro-actively close the application's elevated privilege and/or right to execute arbitrary code? And if it does not, would getting rid of these mean resetting/reinstalling iOS?
Obviously, there isn't much one can do to recover any of the data that had been exploited by these two attacks. Other than "standard" change your passwords that stored on the iOS device, request new credit cards, etc., as applicable.
TIA...
