Bugs a cikin iOS ya sa ya yiwu a hack iPhone kawai ta hanyar yanar gizo. Google ne kawai ya gano su

30. 8. 2019

Masu bincike daga ƙungiyar Google Project Zero sun gano wani rauni wanda shine mafi girma a tarihin dandamali na iOS. M malware sun yi amfani da kwari a cikin gidan yanar gizon Safari ta hannu.

Masanin kimiyya na Google Project Zero Ian Beer ya bayyana komai akan shafin sa. Babu wanda ya isa ya guje wa hare-haren a wannan karon. Ya isa ya ziyarci gidan yanar gizo mai cutar don kamuwa da cutar.

Masu sharhi daga Ƙungiyar Binciken Barazana (TAG) a ƙarshe sun gano jimillar kwari daban-daban guda biyar da suka kasance daga iOS 10 zuwa iOS 12. A takaice dai, maharan na iya amfani da raunin na akalla shekaru biyu tun lokacin da waɗannan tsarin ke kasuwa.

malware sunyi amfani da ƙa'ida mai sauƙi. Bayan ziyartar shafin, lambar tana gudana a bangon da aka canjawa wuri cikin sauƙi zuwa na'urar. Babban makasudin shirin shine tattara fayiloli da aika bayanan wurin a cikin tazarar minti daya. Kuma tun da shirin ya kwafi kansa a cikin ƙwaƙwalwar na'urar, ko da irin waɗannan iMessages ba su da lafiya daga gare ta.

TAG tare da Project Zero sun gano jimlar rashin lahani guda goma sha huɗu a cikin manyan kurakuran tsaro guda biyar. Daga cikin waɗannan, cikakkun bakwai masu alaƙa da Safari ta hannu a cikin iOS, wani biyar zuwa kernel na tsarin aiki kanta, kuma biyu ma sun sami damar ketare sandboxing. A lokacin ganowa, ba a sami lahani ba.

Photo: KayanKayyana

Kafaffen kawai a cikin iOS 12.1.4

Masana daga Project Zero sun ruwaito Kuskuren Apple kuma ya ba su kwanaki bakwai bisa ga ka'idoji har zuwa bugawa. An sanar da kamfanin a ranar 1 ga Fabrairu, kuma kamfanin ya gyara kwaro a cikin sabuntawar da aka fitar a ranar 9 ga Fabrairu a cikin iOS 12.1.4.

Jerin waɗannan raunin yana da haɗari a cikin cewa maharan suna iya yada lambar cikin sauƙi ta wuraren da abin ya shafa. Tunda duk abin da ake buƙata don cutar da na'ura shine a loda gidan yanar gizo da gudanar da rubutun a bango, kusan kowa yana cikin haɗari.

An bayyana komai ta hanyar fasaha akan shafin Ingilishi na rukunin Google Project Zero. Shafin yana ƙunshe da ɗimbin bayanai dalla-dalla. Yana da ban mamaki yadda kawai mai binciken gidan yanar gizo zai iya aiki azaman hanyar shiga na'urarka. Ba a tilasta mai amfani ya shigar da komai ba.

Saboda haka tsaron na'urorin mu ba abu ne mai kyau ba da za a yi wasa da shi.

Source: 9to5Mac

Batutuwa: iOS 10, iOS 12, iMessage, Safari, 9to5mac, ƙwaƙwalwar ajiya, Google, shirin, iOS, mai amfani

Tattaunawar labarin

Sunan ku

Sharhin ku

Ta hanyar cike bayanan da ke sama, na yarda cewa kamfanin TEXT FACTORY s.r.o., ofishin rajista a Brno, Durďákova 336/29, Černá Pole, ZIP code: 613 00, lambar ID: 06157831, rajista a Kotun Yanki a Brno, sashe na C , saka 100399, zai aiwatar da bayanan sirri na da aka bayar a cikin fom ɗin rajista da na cika bisa la'akari da halalcin buƙatun TEXT FACTORY s.r.o. bisa ga Mataki na 6 sakin layi na 1 harafi f) GDPR da kuma cika wajibai na shari'a (Mataki na 6, sakin layi na 1, harafi c) GDPR), don dalilai masu zuwa: wajibcin tabbatar da izinin baƙi zuwa gidajen yanar gizon da TEXT FACTORY s.r.o. ke sarrafa don ba da gudummawa sosai ga labaran da aka buga ko a cikin tattaunawa. forums da aiwatar da haƙƙin TEXT FACTORY s.r.o. a matsayin mai kula da waɗannan wuraren tattaunawa. Ana iya samun ƙarin bayani game da sarrafa bayanan sirri da haƙƙoƙi a ciki Darussan kan kariyar bayanan sirri. dukan rubutun

Zai iya zama sha'awar ku

Photo: KayanKayyana

Kafaffen kawai a cikin iOS 12.1.4

Zai iya zama sha'awar ku

Masu alaƙa