Security bugs are not all that difficult to come by these days. Particularly mobile devices and web browsers have a tendency to be vulnerable. Both Google and Apple recently addressed key flaws to ensure user security.
Several Major Software Exploits
One has to commend Google for not only identifying the bugs in question, but also fixing them without causing a ruckus. Several vulnerabilities were addressed across Chrome, Android, and Windows. As is often the case, the exploits range from “needs fixing” to “very problematic”. Unfortunately, it appears they have all been exploited in the wild, which means some people will have been affected in recent months.
Perhaps even more worrying is how all of the exploits relate to one another. Not necessarily in terms of how to exploit the bugs, but they seemingly affected very similar parts of code. Whether this means a group of hackers shared this knowledge, is a guessing game at this point. It certainly looks that way, which is not good news.
It is worth mentioning the bus span anything from font libraries to the Chrome sandbox environment, and everything in between. At least 1 recently fixed exploit could be leveraged to take over an entire system. With all of these problems out of the way now, the entire world can relax again.
One thing to keep in mind is how all affected parties – Google, Apple and Microsoft- aren’t sharing any details. They have only confirmed some issues were addressed, without going into specifics. The lack of disclosure has security experts worried, for obvious reasons. This is not the standard protocol, after all.
Some Interesting Details
While not much information is being provided regarding the exploits, there are some worthwhile details. Apple decided to issue a security fix for iOS 12. A valiant approach, as this operating system is over two years old. This seems to indicate some of these exploits may have been around for years without anyone noticing.
Google is currently the only entity with all of the information. As has become somewhat of the norm recently, the technology giant isn’t too forthcoming with information. No new information will be offered for the foreseeable future. Apple isn’t too keen on sharing anything either. Microsoft has released security updates, but that is about it.
Considering how there are 4 zero-day exploits for Chrome and Android on the list, there will be ample speculation. Combined with at least 3 critical iOS bugs – two of which affect the kernel – there are plenty of reasons for concern. Contrary to what some may think, there is no apparent link to the US elections at this time.
Assuming this is all the work of one particular collective, it makes one wonder what else they may be capable of. As these exploits clearly have Apple and Google worried, things are bound to get very interesting in the near future. That may not bode well for corporations and consumers, though.
Looking to advertise? We will gladly help spread the word about your project, company, or service. CryptoMode produces high quality content for cryptocurrency companies. We have provided brand exposure for dozens of companies to date, and you can be one of them. All of our clients appreciate our value/pricing ratio. Contact us if you have any questions: [email protected]