我们和威胁分析小组合作发现五个攻击链中共有14个漏洞:其中7个针对iPhone的网络浏览器、5个针对内核,还有2个独立的沙箱逃逸。初步分析表明特权升级链中至少有一个仍然是零日漏洞(指被发现后立即被恶意利用的安全漏洞),而且发现以后没有进行修复。
There is some good news, however. First, an iPhone user had to visit one of the hacked websites in order for their iPhone to be infected. TAG did not specify which websites were hacked, but their report says the sites received "thousands of visitors per week," suggesting the sites received relatively minor traffic relative to the number of iPhones in the wild.
但也有好消息。首先iPhone用户需要访问一个被黑的网站才会被攻击,威胁分析小组并未具体说明哪些网站被黑了,但报告中称这些网站“每周有数千访问者”,相比iPhone的使用量来说这些网站的访问量只是很小一部分。
Further, even if the malware made it onto an iPhone, when a user restarted their iPhone, the malware would be wiped clean in most instances. Of course, news of any exploits in iOS isn't good—no matter how few users were impacted.
而且即使iPhone被安装了恶意软件,在大多数情况下用户重启手机后恶意软件都会被清理干净。当然任何关于iOS漏洞的消息都不是好消息,即使受影响人数很少。
【谷歌发现一批危险网站,只要你访问,你的手机就被黑了】相关文章:
最新
2020-09-15
2020-09-15
2020-09-15
2020-09-15
2020-09-15
2020-09-15