Safari yana fama da kurakuran tsaro guda biyu. Ɗayan yana ba ku damar ɗaukar cikakken iko akan Mac ɗin ku

21. 3. 2019

Masu fashin baki na White Hat sun gano wasu kurakuran tsaro guda biyu a cikin mashigin Safari a wani taron tsaro a Vancouver. Ɗaya daga cikinsu yana iya yin tweak da izininsa har zuwa ɗaukar cikakken iko da Mac ɗin ku. Na farko daga cikin kurakuran da aka gano sun sami damar barin akwatin yashi - ma'aunin tsaro na kama-da-wane wanda ke ba da damar aikace-aikacen su isa ga nasu kawai da bayanan tsarin.

Kungiyar Fluoroacetate ce ta fara gasar, wadanda mambobinta su ne Amat Cama da Richard Zhu. Tawagar ta yi niyya ta musamman ga mai binciken gidan yanar gizon Safari, inda ta yi nasarar kai masa hari sannan ta bar akwatin yashi. Gabaɗayan aikin ya ɗauki kusan iyakar lokacin da aka ware wa ƙungiyar. Lambar ta yi nasara ne kawai a karo na biyu, kuma nuna kwaro ta sami Team Fluoroacetate $ 55K da maki 5 zuwa taken Jagora na Pwn.

Bug na biyu ya bayyana damar tushen tushen da kwaya akan Mac. Kungiyar phoenhex & qwerty ta nuna kwaro. Yayin binciken gidan yanar gizon nasu, membobin ƙungiyar sun sami nasarar kunna kwaro na JIT tare da jerin ayyuka da ke haifar da cikakken harin tsarin. Apple ya san game da ɗaya daga cikin kwari, amma nuna kwari ya sami mahalarta $ 45 da maki 4 zuwa taken Jagora na Pwn.

Ƙungiyar Fluoroacetate (Madogararsa: ZDI)

Wanda ya shirya taron shine Trend Micro a ƙarƙashin tutar Zero Day initiative (ZDI). An kirkiri wannan shiri ne domin karfafa gwiwar masu satar bayanan sirri da su rika kai rahoton raunin kai tsaye ga kamfanoni a maimakon sayar da su ga mutanen da ba su dace ba. Kyautar kuɗi, yarda da lakabi ya kamata su zama abin motsa jiki ga masu fashin kwamfuta.

Masu sha'awar suna aika mahimman bayanai kai tsaye zuwa ZDI, wanda ke tattara bayanan da suka dace game da mai bayarwa. Masu binciken da wannan yunƙurin suka yi aiki kai tsaye za su bincika abubuwan ƙarfafawa a cikin dakunan gwaje-gwaje na gwaji na musamman sannan su ba mai binciken tuƙi. Ana biya nan da nan bayan amincewarsa. A ranar farko, ZDI ta biya sama da dala 240 ga masana.

Safari wuri ne na gama-gari don masu kutse. A taron na bara, alal misali, an yi amfani da mashigar yanar gizo don ɗaukar ikon Touch Bar akan MacBook Pro, kuma a wannan rana, masu halarta a taron sun nuna wasu hare-hare na tushen burauza.

Source: Farashin ZDI

Batutuwa: aiki, gwanin kwamfuta, Safari, MacBook Pro, shãfe, Macbook, shirin, Appikace, apple

Tattaunawar labarin

Sunan ku

Sharhin ku

Ta hanyar cike bayanan da ke sama, na yarda cewa kamfanin TEXT FACTORY s.r.o., ofishin rajista a Brno, Durďákova 336/29, Černá Pole, ZIP code: 613 00, lambar ID: 06157831, rajista a Kotun Yanki a Brno, sashe na C , saka 100399, zai aiwatar da bayanan sirri na da aka bayar a cikin fom ɗin rajista da na cika bisa la'akari da halalcin buƙatun TEXT FACTORY s.r.o. bisa ga Mataki na 6 sakin layi na 1 harafi f) GDPR da kuma cika wajibai na shari'a (Mataki na 6, sakin layi na 1, harafi c) GDPR), don dalilai masu zuwa: wajibcin tabbatar da izinin baƙi zuwa gidajen yanar gizon da TEXT FACTORY s.r.o. ke sarrafa don ba da gudummawa sosai ga labaran da aka buga ko a cikin tattaunawa. forums da aiwatar da haƙƙin TEXT FACTORY s.r.o. a matsayin mai kula da waɗannan wuraren tattaunawa. Ana iya samun ƙarin bayani game da sarrafa bayanan sirri da haƙƙoƙi a ciki Darussan kan kariyar bayanan sirri. dukan rubutun

Masu alaƙa