Apple has taken security measures after a failed year

After a wave of security incidents, Apple took certain steps to ensure that in 2016 there were no problems with its software, which everyone could observe in recent months. Security measures were applied along with updates of its operating systems for mobile devices (iOS) and Mac (OS X), its television service (Apple TV), Safari web browser, and the operating system for its sensational smart watches (watchOS).

This step was driven by the alarming number of vulnerabilities that were present in its software. To give some idea of ​​the situation that Apple got into when updates were released for version 9.2 of the iOS operating system, it is necessary to say that over 50 security incidents were detected, while the number of problems with OS X reached over a hundred.
')
Apple released security updates for operating systems running on iPhones, Macs, Apple TVs and various versions of smartwatches, as well as for Xcode and Safari.

• Xcode updates (v7.2) contain fixes for four bugs, Safari (v9.0.2) has 12 (all in Webkit), most of which can lead to arbitrary code execution if a user visits a malware-infected website.

• Update tvOS (v9.1) closes 48 security breaches, including the above 12 bugs in Safari. Most other security holes can be triggered by malicious applications, infected images and web sites, and they can lead to the arbitrary execution of code, most often associated with the kernel or system rights. An incident with memory corruption in SSL protocol handling can be remotely used by a hacker to execute code on a TV device.

• iOS 9.2 fixes 50 vulnerabilities, many of which are vulnerabilities that allow remote execution of any code in various components of iOS. watchOS 2.1 contains many of the same fixes as in iOS 9.2 (fixes in WebKit are excluded).

• OS X El Capitan 10.11.2 (and security updates 2015-008 for Mavericks and Yosemite) fixes 54 incidents, including a couple of incidents in PHP, a few - in LibreSSL, which may allow a malicious application to pretend to be Keychain Server, as well as a memory corruption incident. when processing the SSL protocol. Also several stability issues have been fixed.

This update also contains the security content of Safari 9.0.2., In addition, now the plug-in web browser for QuickTime 7 is no longer enabled by default.



Nearly half of these vulnerabilities allowed cyber-criminals to seize control of the device by connecting to it through an involuntarily installed malicious application.
It seems odd that Apple has to patch security holes in its software, while its fans have vehemently boasted for many years that no malware and risk can tarnish the brilliance of their favorite brand.

However, it turned out that they were greatly mistaken, since over the years, there was still no threat to these operating systems, and recent years have been one of the most nightmarish for the company in this regard.

According to a recent study, the number of malicious programs created for the Mac operating system in 2015 was five times more than the total number of threats created over the past five years. Thus, the security level of Apple devices and its users has reached a very low level.



This bad news, on the other hand, has some good moments for Apple: if more and more malware samples are created for its operating systems, this means that the brand is becoming increasingly popular. Up to this point, given that Windows (or Android in the case of mobile devices) had the lion’s share of the market, it was quite logical to assume that cyber criminals would have put more effort into exploiting vulnerabilities in the Microsoft operating system.

However, this growth means that Apple is now becoming an increasingly attractive target for cyber criminals, because they will be able to get more revenue from their malware. Apple has managed to end the year by covering many security flaws in its software, but this is only the beginning: it’s likely that next year will show us even more security breaches that need to be closed.