November 30, 2023 at 02:49PM
Apple has patched 20 zero-day vulnerabilities in 2023, recently addressing two allowing attackers to exploit iPhones, iPads, and Macs via WebKit. The flaws enabled data access and code execution. Updates were issued for various devices and macOS versions. Google TAG identified the exploits, which historically targeted high-risk individuals.
Clear Takeaways from Meeting:
1. **Security Update Release:** Apple has issued emergency updates addressing two zero-day vulnerabilities exploited in attacks affecting iPhone, iPad, and Mac devices.
2. **Vulnerabilities Details:**
– Two vulnerabilities found in WebKit (CVE-2023-42916 and CVE-2023-42917).
– Issues allow attackers to read sensitive information and execute arbitrary code through crafted web content.
3. **Scope of Impact:**
– Vulnerabilities affect iOS versions before 16.7.1.
– Updated devices include iPhone XS and later models, certain iPad Pro, Air, and Mini models, and Macs running macOS Monterey, Ventura, and Sonoma.
4. **Updates Available:**
– iOS devices: update to 17.1.2.
– iPad devices: update to iPadOS 17.1.2.
– Mac devices: update to macOS Sonoma 14.1.2.
– Safari browser: update to 17.1.2.
5. **Solution Implemented:**
– Apple enhanced input validation and introduced better locking to mitigate these vulnerabilities.
6. **Reporting:**
– Google’s Threat Analysis Group (TAG) reported both zero-day vulnerabilities.
– No specific details disclosed by Apple on exploitation in the wild.
7. **Historical Data:**
– These two zero-days are the 19th and 20th vulnerabilities addressed by Apple in 2023.
– Google TAG also disclosed the XNU kernel zero-day (CVE-2023-42824).
– Citizen Lab and Google TAG reported three exploited zero-days (CVE-2023-41991, CVE-2023-41992, CVE-2023-41993) related to Predator spyware.
– Citizen Lab detailed two zero-days (CVE-2023-41061 and CVE-2023-41064) as being a part of the BLASTPASS chain used to install Pegasus spyware.
8. **Recommendation:**
– It’s crucial for users of impacted devices to update their software to the latest versions to protect against these vulnerabilities.