MacDirectory magazine is the premiere creative lifestyle magazine for Apple enthusiasts featuring interviews, in-depth tech reviews, Apple news, insights, latest Apple patents, apps, market analysis, entertainment and more.
Issue link: https://digital.macdirectory.com/i/1401427
As far as macOS was concerned, there were no huge changes in macOS 11.5. The update did, however, address a couple of bugs that had been affecting some users: • An issue where Music was not updating play history data correctly • An issue preventing M1 Mac users from using smart cards Recent Apple Security Updates In addition to new features and UX improvements, there were also a number of security fixes as well. Maybe the most interesting of the iOS/iPadOS security patches addressed a curious vulnerability in wireless network naming. It seems that if a user joined a Wi-Fi network named “%p%s%s%s%s%n”, their device’s Wi-Fi could be permanently disabled. As of this update, that vulnerability has been patched (though we still wouldn’t recommend joining weird Wi-Fi networks!). In addition to this, iOS 14.7 and iPadOS 14.7 fix serious issues with Apple’s audio, image, and font processing frameworks. Apple says that these bugs could have led to code execution on a device, or the bypass of certain system security features in some cases. On the Mac side, macOS 11.5 addresses some pretty serious Big Sur security issues as well, including: • An AMD Kernel bug that could have permitted a malicious app to run code with kernel privileges • A couple of Intel Graphics Driver flaws that could have resulted in crashes or code execution • An issue with Kext Management that could have let an app override a user’s Privacy preferences In addition to all of that, there were also fixes for several WebKit issues. We’ve talked about WebKit before: It’s the browser engine that powers just about everything Apple makes that can access the web. Unsurprisingly, these WebKit fixes showed up in every single OS update this time around. That means all of the ones already mentioned, plus the watchOS, tvOS, and older macOS version updates. Apple recommends that everyone update their OSes without delay. Pegasus Spyware: Everybody’s Problem The big Apple security story this month had nothing to do with updates: It was all about Pegasus spyware. The commercial spyware product, made by an Israeli firm called NSO Group, is sold to law enforcement and intelligence agencies around the world. Pegasus is a serious security and privacy threat. If it gets onto a mobile device, it can exfiltrate message data, photos, and emails. It can also be used to turn on the microphone and record calls. NSO Group says that their product is only intended to help the authorities combat crime and terrorism. But critics of NSO Group have long claimed that authoritarian regimes use the spyware as a tool of repression. Over the weekend, The Guardian published a joint investigation into NSO group’s Pegasus spyware that lent credence to that accusation. The journalists say that: Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group. The authors of the report came to this conclusion after analyzing what they call “a massive data leak” of over 50,000 phone numbers. Those phone numbers are