Xinhuanet, Tianjin, December 6 (reporter Zhang Jianxin) the National Computer Network Intrusion Prevention Center released a weekly Security Vulnerability Report on the 6 th, saying that a total of 79 security vulnerabilities were found within one week from January 1, November 29-12 to November 5, of which 24 were high-risk vulnerabilities, the total volume has increased compared to the previous week.
Major security vulnerabilities that affect Chinese users include a permission escalation vulnerability found in Apple iOS and a denial of service vulnerability found in Linux kernel. Attackers exploit these security vulnerabilities, which may cause local users to gain privileges or cause denial of service, resulting in memory damage, affecting the confidentiality, integrity, and availability of information, and threatening user privacy and security.
Zhang yuqing, Managing Director of the National Computer Network Intrusion Prevention Center, said that the most noteworthy is a permission escalation vulnerability found on Apple's iOS system. Apple iOS is an iPhone mobile operating system developed by Apple. In versions earlier than Apple iOS 4.2, Networking accessed invalid pointers during packet filtering rule processing, allowing local users to gain privileges by exploiting this vulnerability. Currently, the vendor has released corresponding patches. We recommend that you download them in time to ensure system security.
In addition, it is worth noting that a denial of service vulnerability is found in Linux kernel. The affected software is a version earlier than Linux kernel 2.6.36. There are already available update programs. We recommend that you update them to the latest version in time to avoid attacks.
To protect the security of users' computers and systems, the National Computer Network Intrusion Prevention Center recommends that users update patches in a timely manner. patches can be officially downloaded from software vendors and files of unknown websites and unknown origins are not easily opened, install anti-virus software and upgrade the virus database to the latest version.