Apple's Zero-Day Woes Continue

Published: 23/11/2024   Category: security




Two new bugs in macOS and iOS disclosed this week add to the growing list of zero-days the company has rushed to patch over the past year.



Apple's expanding footprint in enterprise organizations appears to have made its technologies a growing focus area for security researchers.
The company this week rushed out emergency patches for two zero-day vulnerabilities in its macOS and iOS technologies that the company said are being actively exploited. The flaws are present in macOS Catalina, Big Sur, and Monterey; in devices running iOS and iPadOS; and Apple tvOS and watchOS.
One of the two zero-days for which Apple issued an update this week exists in the AppleAVD media file decoder that is present in multiple supported macOS versions as well as iOS and iPadOS. Apple's sparse vulnerability disclosure described the flaw (CVE-2022-22675) as resulting from an out-of-bounds write issue and providing attackers with an opportunity to execute arbitrary code at the kernel level. Apple said it is aware of a report about the flaw being actively exploited.
Apple's latest macOS Monterey 12.3.1, iOS 15.4.1, and iPadOS 15.4.1 include improved bounds checking to address the issue, the company noted.
The second zero-day for which Apple issued a fix (CVE-2022-22674) exists in macOS and has to do with an out-of-bounds read issue that enables an application to read kernel memory. The flaw, which also is being actively exploited, might lead to the contents of kernel memory being disclosed, Apple said in another advisory with very little information.
The flaws are the latest in a growing number of zero-day vulnerabilities that researchers have discovered in Apple's products in recent months. The latest disclosures bring to at least four the total number of zero-days that Apple has disclosed this year alone. In January, the company disclosed two similar zero-days, at least one of which was likely being exploited at the time of patch release.
In 2021, as many as 12 of 57 zero-day threats — or more than 20% — that researchers from Google's Project Zero tracked were Apple related. Impacted technologies included Apple's macOS, iOS, iPadOS, and WebKit. In several cases, the flaws were being actively exploited by the time Apple had released a fix for them.
Exacerbating the issue is the emergence of malware targeted at Mac and iOS environments. A study of Apple malware in 2021 that security researcher Patrick Wardle released in Jan. 2022 showed there were at least eight significant malware tools last year that targeted macOS. The list included ElectroRAT, a cross-platform malware for remote code execution; Silver Sparrow, targeted at Apple's M1 chip-based systems; and MacMa, a macOS implant believed to be the work of a nation-state actor.
Growing Focus Area
One reason for the growing number of flaws could be increasing code complexity, says Mike Parkin, senior technical engineer at Vulcan Cyber. As code gets more complex, there's a higher chance of vulnerabilities creeping into it. Apple's iOS and macOS code bases have been evolving for years, growing more complex, so it would not be surprising to see more vulnerabilities emerge.
Another likely possibility is that threat actors are seeing greater returns from attacking the Apple ecosystem, Parkin says. There are millions of iOS and macOS users in the world, and the attackers will focus on where they can get the most mileage out of their efforts, he says.
A global survey that Dimensional Research conducted last year for Apple device management vendor Kandji found that employee use of Apple devices has grown significantly over the past two years, at least partly because of increased remote work. Seventy-six percent of survey respondents said more employees at their organizations were using Apple devices — Mac notebooks specifically — compared to two years ago.
Threat actors aren't going to abandon other threat surfaces, but their economics may have shifted to make the Apple space more inviting, Parkin says.
