back to article Apple patches zero-day vulnerability in iOS, iPadOS, macOS under active attack

Apple on Monday patched a zero-day vulnerability in its iOS, iPadOS, and macOS operating systems, only a week after issuing a set of OS updates addressing about three dozen other flaws. The bug, CVE-2021-30807, was found in the iGiant's IOMobileFrameBuffer code, a kernel extension for managing the screen frame buffer that …

  1. 45RPM Silver badge

    I remember actively exploiting a flaw in the abacuses at infant school many decades ago. If you ‘shook’ them, the memory would become corrupted. If you were really determined you might force a ‘frame error’, and they’d dump their memories entirely. All over the floor. Mrs Robinson was not happy.

    1. Anonymous Coward

      Ah, the days when a "silicon interface" was a bucket and spade

    2. Anonymous Coward
      Anonymous Coward

      Here's to you Mrs Robinson

  2. TVC

    Don't remember having all this trouble with transistor systems and ferrite ring memory.

    1. DJV Silver badge

      Yeah, but Crysis ran like a dog on them...

      1. Steve Button Silver badge

        Dogs are really fast

        Have you ever tried to catch a dog? They ain't slow. Especially if they have the ball and they don't want you to get it. Why do we say this?

        1. 45RPM Silver badge

          Re: Dogs are really fast

          For that matter, why does something fast go like a stabbed rat. I’d have thought that a stabbed rat wasn’t in much of a position to go anywhere, let alone quickly.

          A pricked rat might be quite nippy, but again it depends on what you prick it with.

          1. Ivan Headache

            Re: Dogs are really fast

            Why do commenters suggested that things should be "nuked from Orbit"?

            Surely that would present even bigger problems.

            1. Irongut

              Re: Dogs are really fast

              Because they have watched Aliens. They are paraphrasing a line from the movie.

              1. yetanotheraoc Silver badge

                Re: Dogs are really fast

                Yes but in Aliens they were leaving the planet behind.

          2. Irongut

            Re: Dogs are really fast

            Not heard that one, I'd have gone for as fast as snot off a stick or perhaps shit through a goose.

          3. JassMan

            Re: Dogs are really fast@45RPM

            For that matter, why does something fast go like a stabbed rat

            I have always heard that as "startled rat" so it seems someone has been propagating a typo.

            Just realised that dogs are fast at 45rpm be not as fast as 78

            - just showing my age

        2. tfewster

          Re: Dogs are really fast

          IIRC*, the full saying is "ran like a dog with three legs", i.e. slowly and limping.

          * Weirdly, the internet doesn't seem to have heard of that etymology. Another thing that I've "known" for decades that turns out to be wrong?!

          1. big_D Silver badge

            Re: Dogs are really fast

            That is how I remember it, from when I was growing up. But it seems to have been abbreviated over the years, so that it no longer makes any sense.

          2. Michael Wojcik Silver badge

            Re: Dogs are really fast

            Did you look for variants? I've heard "like a three-legged dog".

            Google nGram viewer suggests my variant is much more common since about 1890.

        3. Tim99 Silver badge

          Re: Dogs are really fast

          A local one in Oz "Like shit off a well greased shovel". The original probably goes back to steam engine firemen’s shovels, where grease wasn’t usually required…

          1. Nick Ryan Silver badge

            Re: Dogs are really fast

            That's around here too (UK) but it's "like shit off a shovel" - no greasing mentioned at all.

            I always took it that if you were shovelling shit that you'd want it to be as far away from you as quickly as possible.

  3. big_D Silver badge

    4 months...

    Sorry, the researcher discovered it 4 months ago, but was going to report it next month?

    Cybersecurity is a fast moving world. Waiting 4 months to report a bug is never a good idea.

    1. 45RPM Silver badge

      Re: 4 months...

      I found a fire in the building. Think I’ll report it tomorrow.

      1. WolfFan Silver badge

        Re: 4 months...

        That depends. Is the building Mar-a-Lago? If so, it dan wait, there’s nothing important in there.

    2. Michael Wojcik Silver badge

      Re: 4 months...

      To be precise, one researcher discovered it four months ago and was planning to report it (but hadn't gotten to it yet). Another researcher did report it. (It's safe to assume they weren't the only two to find it.)

      This is fairly common in the industry, because researchers often run across a lot of PSVs (Potential Security Vulnerabilities) and make note of them to investigate whether they're exploitable. Many PSVs aren't – for example, most null dereferences, unless you can chain them to an exception-handling (or similar) vulnerability, or unless you're interested in a DoS. So it's not uncommon to have a backlog of "oh, here's misbehavior that might be a vulnerability" items on your list.

      And many vendors will ignore reports that don't have a convincing PoC, so there's little incentive to simply report a crash or the like.

    3. Charlie Clark Silver badge

      Re: 4 months...

      Welcome to the real world, which also includes Apple's not so stellar bug fixing policy. It's quite likely that the work required to submit the bug was one of the things that put him off.

  4. Andy 97

    Of course, an update where 5 minutes really means 38 minutes.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like