蘋果發布iPhone、iPad更新,修補VoiceOver可能洩露密碼的漏洞
支付動態 · 2024-10-07
上週蘋果推出新版iOS及iPadOS,並公告2項漏洞,其中比較特別的是CVE-2024-44204,因為若不處理,手機或平板有可能透過VoiceOver念出密碼
10月3日蘋果發布iOS 18.0.1、iPadOS 18.0.1,總共修補2個資安漏洞,其中由研究人員Bistrit Daha通報的CVE-2024-44204特別引起注意,因為存在漏洞的裝置有可能藉由VoiceOver機制,大聲朗讀使用者的密碼。
針對這項漏洞發生的原因,蘋果指出是因為密碼(Passwords)元件的驗證機制存在邏輯錯誤,影響iPhone XS、13吋iPad Pro、第3代12.9吋iPad Pro、11吋iPad Pro、第3代iPad Air、第7代iPad,以及第5代iPad mini與其後繼機種。
另一個漏洞CVE-2024-44207,僅影響iPhone 16全系列機種,這項漏洞涉及Media Session元件,使得Messages能在麥克風指示燈啟動的數秒前截取聲音。
热门文章
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
New Jersey July Gambling Revenue Hits $606M, Sweeps Casinos Banned
Regulation
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
British gambling levy rates confirmed for each vertical
Regulation
GAT Expo Puerto Rico Will Pulse with the New Era of Gaming in the Caribbean
Marketing
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
Indiana online casino bill stalls in House committee
Regulation
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
