"iOS and iPadOS 26.5 address more than 60 CVEs, including 20 WebKit issues that can lead to a crash, sensitive user data exposure, and security bypass. Other vulnerabilities can be exploited for DoS attacks, security bypass, sandbox escape, access to sensitive user data, privilege escalation, and user tracking."
"Dozens of the vulnerabilities patched in the latest iOS and iPadOS versions were also addressed by Apple with the release of macOS Tahoe 26.5, which resolves nearly 80 vulnerabilities. The security holes that are specific to macOS can be exploited to access user information, escalate privileges to root, escape the sandbox, cause a crash, bypass Gatekeeper, and execute arbitrary code with elevated privileges."
"Apple also patched dozens of these vulnerabilities in macOS Sequoia 15.7.7 and macOS Sonoma 14.8.7. watchOS, tvOS, and visionOS have also received security updates. Since they all share the same foundational architecture as iOS, many of the latest iOS patches have been included in these platform updates."
"Some advisories inform users that a recent patch for a flaw that can be exploited to recover deleted messages has been rolled out to older iOS versions. The FBI reportedly exploited the weakness to recover Signal chats from a device. Apple has not flagged any of the other vulnerabilities as being exploited in the wild."
Apple published 11 new security advisories covering dozens of vulnerabilities patched across its operating systems. iOS and iPadOS 26.5 address more than 60 CVEs, including 20 WebKit issues that can cause crashes, expose sensitive user data, and enable security bypass. Additional flaws can be used for denial-of-service attacks, sandbox escape, privilege escalation, access to sensitive user data, and user tracking. macOS Tahoe 26.5 resolves nearly 80 vulnerabilities, including many addressed in the latest iOS and iPadOS releases. macOS-specific issues can enable access to user information, root privilege escalation, sandbox escape, Gatekeeper bypass, and arbitrary code execution with elevated privileges. macOS Sequoia 15.7.7 and macOS Sonoma 14.8.7 also received patches, and watchOS, tvOS, and visionOS included related updates. Some advisories note a patch for a flaw that can recover deleted messages was rolled out to older iOS versions, and the FBI reportedly exploited it to recover Signal chats. Apple did not flag other vulnerabilities as exploited in the wild.
#apple-security-advisories #iosipados-vulnerabilities #webkit-security #macos-privilege-escalation #cross-platform-updates
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]