Apple has released a new version of watchOS, the operating system for Apple Watch, in which a large number of vulnerabilities has been resolved. Through two of the patched vulnerabilities could execute a malicious website arbitrary code on the smart watch.
Also, various other vulnerabilities made the execution of arbitrary code as possible, for example, in the processing of a malignant font. Furthermore, there is a problem solved in apple pay making a payment terminal could figure out some recent transaction data on a payment. Also, it was for an attacker having a "privileged network position" is possible to intercept SSL / TLS connections and to monitor the activities of the user.
A vulnerability in the "Core Crypto" could allow an attacker to determine the RSA private key of the user. In total, Apple has watchOS two 37 vulnerabilities patched. Updating via the Software Update feature of the operating system.
No comments:
Post a Comment