November 30, 2022
The American company Apple recognized the Algerian young man Abdelkader Al-Moez, who discovered one of the dangerous vulnerabilities in his security system, twice including his name in his honor list published on the company’s website.

And Abdul Qader Muweiz expressed his joy at this achievement, saying in a post on his Facebook page: “Praise be to God, by whose grace good deeds are done, today I have achieved one of the best achievements of my career, which I will be proud of what I was able to do it’s twice.”

The American company publishes this list every three months to express gratitude to people who reported potential security issues that could affect Apple’s web servers after the issue was identified and resolved.

An Algerian hacker revealed that the vulnerability is a type of cross-site scripting, or “xss” as it’s also called. This is one of the types of attacks that computer systems are exposed to. With this type of attack, some hackers or hackers try to inject code into pages viewed by others in an attempt to get their hands on important and sensitive information, and it can usually be found in Internet applications through the so-called injection programming. Abdel Kader explains that the second loophole is more dangerous than the first, as he was able to access the entire “admin” of the site through the Blind xss technology. This allowed him to access the site’s administrator account and view all of the users’ sensitive information on the site. The Algerian hacker indicated that other vulnerabilities are currently being considered and will be disclosed as soon as he receives a response and official confirmation from Apple.

And this month, Apple released statements advising owners of certain iPhones, iPads, and Macs to update driver software that contains a vulnerability that could allow them to be controlled.

The issue affects iPhone 6 and later, all iPad Pro devices, fifth-generation iPads and later, and all Macs, according to the Cupertino, California-based company’s website. , its headquarters. In April 2021, apps used on the iPhone were required to obtain permission from users if they wanted to collect data about them on other app usage and browsing.

Leave a Reply

Your email address will not be published.