Apple’s continuous efforts to combat zero-day exploits on its flagship iOS platform have once again come into the spotlight. The tech giant recently addressed a critical kernel vulnerability in iOS 17, which had already been exploited in the wild.
- Apple releases a patch for two significant vulnerabilities in iOS 17.
- The exploited CVE-2023-42824 kernel vulnerability allows local attackers to elevate privileges.
- This marks the 16th documented in-the-wild zero-day against Apple’s devices.
- The majority of these attacks are linked to spyware vendors selling surveillance products.
- The latest iOS 17.0.3 update also addresses a buffer overflow vulnerability in WebRTC.
The Zero-Day Exploit in Detail:
Apple’s cat-and-mouse game with zero-day exploits continues to be a significant concern. The Cupertino-based tech behemoth recently rolled out a patch to address a pair of severe vulnerabilities, one of which has already been exploited as a zero-day in the wild. This vulnerability, identified as CVE-2023-42824, allows a local attacker to elevate their privileges, which hints at its use as part of a sophisticated exploit chain in observed cyberattacks.
Apple has acknowledged the vulnerability, stating that it might have been actively exploited against versions of iOS predating iOS 16.6. However, the company has refrained from providing further details on the matter.
The Larger Picture:
This recent exploit is not an isolated incident. According to data tracked by SecurityWeek, this is the 16th documented in-the-wild zero-day targeting Apple’s iOS, iPadOS, and macOS-powered devices. A significant portion of these attacks can be traced back to mercenary spyware vendors who sell surveillance products, highlighting the lucrative market for such exploits.
Apart from the zero-day kernel vulnerability, the latest iOS 17.0.3 and iPadOS 17.0.3 updates also address another critical issue. A buffer overflow vulnerability was discovered in WebRTC, which could potentially expose mobile devices to arbitrary code execution attacks. Apple has addressed this issue by updating to libvpx 1.13.1.
Protecting Against Threats:
In light of these vulnerabilities and the potential threats they pose, Apple is urging its users, especially those frequently targeted, to enable Lockdown Mode. This measure can significantly reduce exposure to mercenary spyware exploits.
Apple’s recent announcement about the zero-day kernel vulnerability in iOS 17 underscores the ongoing challenges tech giants face in ensuring device security. With this being the 16th documented in-the-wild zero-day against Apple’s devices, it’s evident that the battle against cyber threats is far from over. While Apple has addressed the current vulnerabilities, users are advised to remain vigilant and adopt recommended security measures to safeguard their devices.