all InfoSec news
DER Entitlements: The (Brief) Return of the Psychic Paper
Project Zero googleprojectzero.blogspot.com
Posted by Ivan Fratric, Project Zero
Note: The vulnerability discussed here, CVE-2022-42855, was fixed in iOS 15.7.2 and macOS Monterey 12.6.2. While the vulnerability did not appear to be exploitable on iOS 16 and macOS Ventura, iOS 16.2 and macOS Ventura 13.1 nevertheless shipped hardening changes related to it.
Last year, I spent a lot of time researching the security of applications built on top of XMPP, an instant messaging protocol based on XML. More specifically, my research focused …
applications cve hardening instant messaging ios ios 15 ios 16 ios 16.2 macos macos monterey macos ventura messaging monterey project project zero protocol return security ventura vulnerability xmpp