Shulou(Shulou.com)11/24 Report--

CTOnews.com reported on June 24 that CTOnews.com had reported an Triangulation vulnerability in Apple's iOS 15.7 and earlier, which could allow attackers to spread Trojans through iMessage. Apple has released an update to fix the Triangulation vulnerability.

The specific system version is:

IOS/iPadOS 16.5.1/15.7.7

MacOS Ventura 13.4.1

WatchOS 8.8.1 (only CVE-2023-32434 vulnerabilities have been fixed).

▲ image source Apple official website

▲ image source Apple official website

CTOnews.com, the source of ▲ images, noted that the vulnerability called CVE-2023-32434 is an integer overflow vulnerability that affects the core of the system and allows malicious Trojans to execute arbitrary code with core privileges.

Another CVE-2023-32439, a type obfuscation vulnerability in the Safari browser engine WebKit, allows an attacker to send a link to a web page and induce the user to click to visit, thereby executing malicious code hidden in the web page.

Kaspersky also released a testing tool a few days ago, which can help users and enterprises detect whether their iPhone is infected with Trojans. However, due to the closeness of Apple's iOS system, users cannot directly connect the phone to the computer and open the software to scan the phone itself. They must manually connect their iPhone to the computer and back up the data in the iPhone to the local place before they can use detection tools to analyze the iPhone files backed up locally.

Related readings:

"Kaspersky releases a special tool to detect whether Apple iPhone is infected with Trojans."

"iOS 15.7 and previous versions are affected, and attackers use Apple iMessage to spread malware"

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.