Project Zero researcher Ned Williamson recently reported a new usage vulnerability after being released in iOS 15.4.1 and earlier. However, Apple has already fixed the vulnerability in iOS 15.5.
— this is my first report that uses a new method of deterministic determination of the race condition (race conditions). The recommended protobuf test case is reproduced in my internal SockFuzzer branch 100% of the time. I will reveal the source code of this technique at the Black Hat 2022 conference!”, – Williamson wrote in Twitter .
Specialist Halo-Michael released
a demo exploit application for iOS 15.4.1 and earlier, as well as an exploit application for the ipc_kmsg vulnerability affecting iOS 15.3.1 and earlier versions. Perhaps these exploits can lead to jailbreaking. The user is recommended to install the applications on a separate test device.
Earlier it was reported that pentesters helped Google fix vulnerabilities in Chrome. Last week, Google released updates for the Chrome browser, which fixes 7 vulnerabilities, including 4 problems reported by pentesters.