[RndTbl] CVE-2023-41064
Trevor Cordes
trevor at tecnopolis.ca
Wed Oct 4 21:17:32 CDT 2023
On 2023-10-05 Adam Thompson wrote:
> Err... all the UNIX versions of Chrome are vulnerable, too. And iOS
> and iPadOS both still uses a heck of a lot of FreeBSD kernel and
> libc, under the hood. -Adam
Ya, but the main point is the no-click no-action "push" aspect of the
vulnerability unique to *phones*. Hacker can text you something you
have no control over and BOOM. So the browser and other client stuff
is a bit less critical.
The chatter on this bug is that a lot of iOS devices in the wild IRL got
hit with this hack to install Pegasus spyware. Of course, you'd never
know at all that you were one of those...
Not sure if Android has the same vulnerability -- you'd think it does?
But the stuff I'm seeing blasted all over the place is Apple specific.
Maybe they just hate Apple.
More information about the Roundtable
mailing list