Apple iOS 11.2.5 Security Update
Apple has released security updates that address multiple vulnerabilities in Apple iOS.
This update resolves 13 vulnerabilities in the following components of the affected software: Audio, Core Bluetooth, LinkPresentation, QuartzCore, Security, and WebKit. An attacker could exploit these vulnerabilities by persuading a user to open a malicious link, text message, or audio file. If successful, the attacker could execute arbitrary code or cause a denial of service (DoS) condition on the targeted device.
This update also addresses multiple vulnerabilities in the Kernel component due to improper memory handling, a race condition, and insufficient input validation. An attacker could exploit these vulnerabilities by persuading a user to open a malicious application. An exploit could allow the attacker to execute arbitrary code with kernel privileges or read restricted memory on the targeted device.
CVE Numbers :-
Apple iOS versions prior to version 11.2.5 running on the following devices are vulnerable:
- iPhone 5s and later
- iPad Air and later
- iPod touch 6th generation
Users are advised to apply the appropriate updates.
Users should verify that unsolicited links are safe to follow.
Users are encouraged to download applications on their iOS devices only from trusted sources.
Apple has confirmed these vulnerabilities in a security advisory at the following link: HT208463
Apple has released software updates that address these vulnerabilities. Users can install the updates by using the Check for Updates button in Apple iTunes or the Software Update feature of the iOS device. After applying the update, users are encouraged to verify that the iOS device was updated and is running iOS version 11.2.5. Users can verify that the update was applied by navigating to Settings > General > About on the device.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.