Apple fixes zero-day flaws in WebKit for sophisticated attacks

Apple began rolling out iOS 26.2 on December 12, 2025, patching two zero-day WebKit vulnerabilities actively exploited in sophisticated targeted attacks, plus over two dozen other bugs. The update adds UI improvements like expanded Liquid Glass customization and app features for Apple Music, Podcasts, and more. Companion updates for iPadOS, macOS, watchOS, tvOS, and visionOS focus on convenience and security. At least half of iPhone owners have yet to update to iOS 26 or later, risking exposure.

2026년 01월 27일 AI에 의해 보고됨

Microsoft has issued an emergency patch for a worrying security flaw in its Office software. The vulnerability could allow hackers to access users' files if not updated promptly. The patch was released to address this critical issue.

Apple has updated iOS 26.2 exclusively for Japanese users to comply with the Mobile Software Competition Act, enabling third-party app stores (with 5% fees), alternative payments (with commissions), browser choice screens, and non-WebKit engines, alongside Notarization security checks. These follow similar pressures in Europe and come amid strong App Store revenue.

2026년 01월 17일 AI에 의해 보고됨

The GNU C Library has addressed a long-standing security vulnerability that dates back to 1996. This fix, identified as CVE-2026-0915, patches a flaw present in the library since its early versions. The update aims to enhance security for systems relying on this fundamental component of Linux distributions.

A security researcher has found that bugs in the Linux kernel often remain undetected for more than two years on average, with some persisting for over two decades. By analyzing 20 years of kernel development, Jenny Guanni Qu uncovered how these flaws quietly affect cloud systems, enterprises, and billions of devices. Her work highlights the challenges of maintaining secure open-source software.

2026년 01월 25일 AI에 의해 보고됨

Microsoft has rolled out a second out-of-band update for Windows 11 to resolve crashes in Outlook and issues with cloud-stored files. The patch targets bugs introduced by the company's January 2026 security update. This follows a previous emergency fix last week addressing shutdown and login problems.