MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
calendar
Recherche

Now patched macOS Calendar exploit let hackers steal data from iCloud

vendredi 13 septembre 2024, 20:57 , par AppleInsider
A security researcher has detailed an old hack in macOS that gave hackers full access to a user's iCloud, needing only a calendar invite to succeed.Even Apple's Calendar app can be vulnerableIn 2022, security researcher Mikko Kenttala discovered a zero-click vulnerability within macOS Calendar that could allow attackers to add or delete files in the Calendar sandbox environment. The vulnerability allowed attackers to execute malicious code and access sensitive data stored on the victim's device, including iCloud Photos.The exploit starts with the attacker sending a calendar invite containing a malicious file attachment. The filename isn't properly sanitized, which allows the attacker to perform a 'directory traversal' attack, meaning they can manipulate the file's path and place it in unintended locations. Continue Reading on AppleInsider | Discuss on our Forums
https://appleinsider.com/articles/24/09/13/now-patched-macos-calendar-exploit-let-hackers-steal-data...

Voir aussi

News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Date Actuelle
jeu. 21 nov. - 18:22 CET