Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

WebKit Vulnerability Affects Latest Versions of Apple Safari

Webkit_headpic

A researcher published exploit code for a vulnerability in WebKit, the web browser engine that powers Apple's Safari, along with other apps on macOS, iOS, and Linux.

The exploit takes advantage of an optimization error with WebKit's matching of regular expressions, which could end with the possibility to execute arbitrary shellcode.

Linus Henze, the developer of the exploit, says that the vulnerability has been patched in WebKit sources but the fix is yet to reach the Safari browser.

Latest Safari versions are affected

When describing the bug, Henze emphasizes that both the iOS and macOS versions of the browser are affected, although currently his code does not have support for Apple's mobile platform.

In the case of iOS, the developer says that a vulnerable variant of WebKit exists starting with revision 12.0 of the OS. As for the desktop, if the browser engine is on macOS 10.14 and up, it is exploitable.

"This is an exploit for the latest version of Safari (as of Dec. 6...(continued)

View All Trending Stories