About the security content of iOS 15.8.5 and iPadOS 15.8.5

(support.apple.com)

328 points jerlam | 1 comments | 17 Sep 25 00:34 UTC | HN request time: 0.498s | source

Show context

sunrunner ◴[17 Sep 25 01:00 UTC] No.45270286[source]▶

> Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

Even if there was no mention of this or the implication that it’s linked to the notifications Apple sends for targeted attacks, is it fair to say this kind of backdated security patch implies a lot about the severity of the vulnerability? What’s Apple’s default time frame for security support?

replies(7): >>45270299 #>>45270338 #>>45270340 #>>45270394 #>>45270424 #>>45270622 #>>45270949 #

giancarlostoro ◴[17 Sep 25 01:20 UTC] No.45270424[source]▶

>>45270286 #

One key thing I noticed is this is before iPadOS was a thing, so this patch targets iPads too... Which makes me wonder... this is speculation no proof, but I wonder if someone is exploiting Point of Sale devices that are powered by old iPads somehow, which is out of the control of a lot of end-users who are at thee mercy of the POS vendors who are probably charging an insane premium on them.

I worked at a restaurant chain and I remember it being a whole thing to even consider reworking the POS tables + software due to rising costs.

replies(3): >>45270559 #>>45270954 #>>45270986 #

1. batiudrami ◴[17 Sep 25 01:39 UTC] No.45270559[source]▶

>>45270424 #

By the phrasing this is almost certainly a patch for targeted vulnerabilities to install Pegasus or similar.

↑