Apple Patches Safari, OS X Flaws to Prevent Snooping


Apple on Thursday fixed critical vulnerabilities in its desktop Safari browser and the OS X operating system.

The security update comes after Cupertino last week patched a serious iOS flaw that let malware spy on a users' phone calls and text messages. But Safari's mobile and desktop versions share the same codebase, making Mac users vulnerable, as well.

According to Apple's advisory, the Safari 9.1.3 bug could allow a hacker to execute arbitrary code on an unsuspecting victim's Mac by tricking the person into visiting "a maliciously crafted website."

Hackers employed the same technique recently when they tried to infiltrate human rights activist Ahmed Mansoor's iPhone. The prominent advocate reportedly received a text message from a "cyber war" company with a link to malware that would have jailbroken his handset and installed surveillance software.

The exploit, according to research group Citizen Lab, is connected to NSO Group, an Israeli company best known for selling a government-exclusive "lawful intercept" spyware product called Pegasus. If Mansoor had activated the malware, it would have allowed NSO access to the phone's camera, microphone, and GPS.

"Not only could NSO infect iPhones at the touch of a link, but it seems that the vulnerabilities they were exploiting could be weaponized to target many different platforms," Citizen Lab researcher Bill Marczak told Motherboard.

Citizen Lab did not immediately respond to PCMag's request for comment.

Apple last week released the latest version of iOS, 9.3.5, which fixes the aforementioned issues. The update includes two improvements to how iOS devices access memory, as well as a patch that prevents visits to malware-laden websites.

0 Comment

Leave a Reply

Captcha image


  • 5300c769af79e

    Xiaomi's New Mi5s has an Under-Glass "Ultrasonic" Fingerprint Sensor, Which is Cool

    With that said, we did want to point out the Xiaomi Mi5s and one of its more interesting features – an under-glass “Ultrasonic” fingerprint reader.What you have is a fingerprint button that lies underneath the front glass on the phone’s chin so that you don’t have a button or touchpad or area that takes away from a fluid glass front.
  • 5300c769af79e

    DEAL: Get a Tronsmart Fast Wireless Charger for $19 With This Coupon Code

    For all of you Samsung (as well as other compatible) device owners, Tronsmart is hosting a coupon code sale on its Fast Wireless Charger via Amazon.Without the coupon code, the price of this charger is listed at $24.
  • 5300c769af79e

    1Password Adds Individual Plan for $2.99

    Following the success of its family and team platforms, developer AgileBits this week introduced a service aimed at single users.99 per month, tap into 1Password's baseline functions, as well as a handful of fresh features: built-in automatic sync across devices, data-loss protection, secure document storage, Web access, and easy restoration of deleted or changed items.
  • 5300c769af79e

    Pre-Order Premium Alcatel Idol 4S VR Bundle July 15

    The Alcatel Idol 4S first broke cover during Mobile World Congress as an intriguing and premium device with packing that also doubled as a set of virtual reality (VR) goggles.We went hands on with the 4S back then, and were impressed with the svelte glass-and-metal build, high-resolution Quad HD display, and focus on VR.