Connect with us

Hi, what are you looking for?

Tweaks

Weekly Security Updates with Apple and Android

Image Source: Rawpixel.com / Shutterstock

Recently, there have been security concerns raised in Grand Theft Auto V that have captured the attention of the online community. One particular issue involves a potential exploit where incoming “join requests” from other users during online gameplay could contain malicious data capable of crashing the game client and potentially leading to Remote Code Execution (RCE) vulnerabilities. This could allow players to disrupt the gaming experience of others and even compromise their character files, possibly resulting in bans. This vulnerability (CVE-2023-24059) has drawn attention from NIST and highlights the importance of taking precautions, such as using a firewall, when playing GTA Online.

Furthermore, exploits in Apple’s XNU kernel have been identified, including a type casting error in dlil.c and a flaw in ndrv.c, which have been fixed in the latest iOS and macOS updates. Additionally, a security flaw in the Arm Mali GPU used in Pixel 6 devices running Android was discovered, allowing for potential kernel-space exploitation.

However, the handling of these security issues has varied. While Apple promptly addressed the XNU bugs, Android engineers initially deemed the GPU driver vulnerability as a “Won’t fix” problem, leaving users exposed until ARM released a fix months later. Similarly, a pre-auth integer underflow discovered in the Linux kernel’s Server Message Block Daemon driver raised concerns, highlighting the importance of timely security patches.

Notably, MSI’s desktop motherboards inadvertently compromised Secure Boot in a firmware update by setting an obscure “Image Execution Policy” that bypassed the security feature, underscoring the need for thorough security testing.

Additionally, a vulnerability in the QT suite involving JavaScript embedded in QML code could potentially lead to Remote Code Execution (RCE) issues. There is an ongoing debate between security researchers and QT developers regarding the nature of this vulnerability and its implications on application security.

These recent security incidents highlight the ongoing need for rigorous cybersecurity measures and prompt responses to vulnerabilities across platforms.

Image Source: Rawpixel.com / Shutterstock

Advertisement. Scroll to continue reading.
AIAD

You May Also Like

Tweaks

Setting up a fully equipped workshop can be quite pricey, but if your projects are smaller in scale, such an expense may not be...

Tweaks

What can you do with a low-cost Linux device that has minimal flash memory and just a single GPIO pin? While it may seem...

Tweaks

Wireless networking has become a crucial component of our everyday lives, with Wi-Fi technology integrated into a wide array of devices such as smartphones,...

Tweaks

When embarking on a new endeavor, it’s common to have misconceptions that need clarification. I experienced this when I first got my hands on...