Pair of Apple Zero-Days Under Active Exploit; Patch & Update Accordingly

Published: 23/11/2024   Category: security




Unpatched Macs, iPhones, and iPads open to browser takeover and system kernel-level malicious code execution, Apple warns.



On April 7, Apple released two security updates warning about two zero-day vulnerabilities under active exploit in the wild. By April 10, those were added to the Cybersecurity and Infrastructure Security Agency (CISA) known exploited vulnerabilities (KEV) list.
The impact of the two vulnerabilities is widespread, affecting macOS Ventura 13.3.1 for Apple Macs, in addition to the iOS 16.4.1 and iPadOS 16.4.1 operating systems used to run iPhones and iPads, according to Apple.
The first bug, CVE-2023-28205, is a flaw in Apple iOS, iPadOS, macOS, and Safari WebKit that could lead to code injection while processing malicious Web content, CISA explained. The second, CVE-2023-28206, affects Apple iOS, iPadOS, and macOS IOSurfaceAccelerator and, worryingly, could allow a malicious app to execute code with kernel privileges, CISA said.
Apple has issued updates for iOS 16 and iPadOS 16. Other macOS versions, including Big Sur, Monterey, and Ventura, have patches that need to be installed, and as Sophos pointed out in a separate advisory, it's still unclear whether the bugs will impact iOS 15 users with older devices.
Both issues were reported by Clément Lecigne of Google's Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International's Security Lab, giving cybersecurity experts reason to believe the flaws are being exploited by state actors to deploy spyware.
"It is interesting that Amnesty International's Security Lab was one of the organizations involved in finding and reporting the issue," Mike Parkin, senior technical engineer with Vulcan Cyber, explained in a statement provided to Dark Reading. "While Apple hasn't said much about the exploits, it seems likely, given the reporting and earlier history, that the exploits were deployed by state-level threat actors."
