CTI Flash Briefing:

Apple Patches Three 0-Day Vulnerabilities used to Hack iPhones and Macs

James Beal
Hunter Strategy
May 18, 2023

Breakdown

Apple has released security updates to fix three zero-day vulnerabilities that were being exploited by attackers to hack iPhones and Macs. The vulnerabilities affected the Safari web browser, the Mail app, and the kernel. Users should install the security updates as soon as possible to protect themselves from these vulnerabilities.

Overview

Attackers are exploiting the vulnerabilities to gain control of targeted devices. In some cases, they were able to install malware that could steal data or control the devices remotely.

Here are some additional details about the vulnerabilities:

The security bugs were all found in the multi-platform WebKit browser engine and are tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373.

The first vulnerability is a sandbox escape that enables remote attackers to break out of Web Content sandboxes.

The other two are an out-of-bounds read, which can help attackers gain access to sensitive information, and a use-after-free issue, which allows arbitrary code execution on compromised devices. Both are triggered after tricking targets into loading maliciously crafted web pages (web content).

Apple addressed the three zero-days in macOS Ventura 13.4, iOS and iPadOS 16.5, tvOS 16.5, watchOS 9.5, and Safari 16.5 with improved bounds checks, input validation, and memory management.
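To turn the fixed releases listed above into an exposure check, here is an added example (not part of the original briefing, and not Apple tooling) that flags inventory rows still below those versions. The CSV layout, the device names, and the rule that any lower version counts as unpatched are assumptions; releases not named in this briefing are not considered.

```python
import csv
import io

# First fixed releases, taken from the briefing above.
FIXED = {"macos": (13, 4), "ios": (16, 5), "ipados": (16, 5),
         "tvos": (16, 5), "watchos": (9, 5), "safari": (16, 5)}

def parse_version(text):
    """'16.4.1 (a)' -> (16, 4, 1); a trailing suffix such as '(a)' is ignored."""
    core = text.strip().split()[0]
    return tuple(int(part) for part in core.split("."))

def is_patched(product, version):
    """True/False against FIXED, or None when the product is not in the briefing."""
    fixed = FIXED.get(product.strip().lower())
    if fixed is None:
        return None
    have = parse_version(version)
    # Pad to equal length so that 13.4 and 13.4.0 compare as equal.
    width = max(len(have), len(fixed))
    have += (0,) * (width - len(have))
    fixed += (0,) * (width - len(fixed))
    return have >= fixed

def exposed_devices(inventory_csv):
    """Return (device, product, version) rows that are below the fixed release."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return [(r["device"], r["product"], r["version"])
            for r in rows if is_patched(r["product"], r["version"]) is False]

# Constructed sample inventory (hypothetical device names, not real data).
SAMPLE = """device,product,version
mbp-finance-01,macOS,13.3.1
mbp-eng-07,macOS,13.4
iphone-ceo,iOS,16.4.1 (a)
ipad-kiosk-3,iPadOS,16.5
watch-lab-2,watchOS,9.4
atv-lobby,tvOS,16.5
imac-design-2,Safari,16.4
win-laptop-9,Windows,11
"""

if __name__ == "__main__":
    for device, product, version in exposed_devices(SAMPLE):
        print(f"UPDATE NEEDED: {device} ({product} {version})")
```

Rows for products the briefing does not name return `None` from `is_patched` and are left out of the report rather than being counted as patched.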

Apple has not disclosed any information about who was exploiting these vulnerabilities or what their goals were. However, it is likely that the vulnerabilities are being exploited by state-sponsored actors or other sophisticated attackers.

Recommendation

To protect yourself from these vulnerabilities, you should install the security updates that Apple has released as soon as possible. You can also take the following steps to improve your security:

  • Use a strong password manager to create and store strong passwords for all online accounts.
  • Enable two-factor authentication for all online accounts that support it.
  • Be careful about what websites you visit and what links you click on.
  • Keep your software up to date.
  • Use a firewall and antivirus software.

Conclusion

To our current SOC partners: please reach out to our SOC team to learn more about the best steps in researching your exposure to this threat. If you have any questions about this ongoing event or need any level of security assistance, please reach out to Hunter Strategy and we will be happy to discuss next steps in securing your IT systems!

Contact Us

contact@hunterstrategy.net

Cyber Threat Intelligence Engineer - Focused on simplifying the evolving threat landscape and creating tangible alerts to help TRIAGE events.