Apple: Security Patch Rollout Shields Older iPhones from Zero-Day Attacks

by | May 14, 2024 | News

Apple: Security Patch Rollout Shields Older iPhones from Zero-Day Attacks

Post Views: 103




Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos.

Patreon
Reading Time: 3 Minutes

Apple has taken decisive action to safeguard older iPhones and iPads by backporting critical security patches released in March, effectively neutralizing a zero-day exploit targeting the iOS Kernel.

Patching the Past

In their latest security advisories, Apple reiterated their awareness of reports suggesting active exploitation of this vulnerability. The flaw, identified as a memory corruption issue within Apple’s RTKit real-time operating system, grants attackers arbitrary kernel read and write capabilities, circumventing essential kernel memory protections. Notably, the company has refrained from attributing the discovery of this vulnerability to any specific security researcher.

See Also: So, you want to be a hacker?
Offensive Security, Bug Bounty Courses




Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.

Strengthening Security Measures

Initially addressed on March 5th for newer iPhone, iPad, and Mac models, Apple has now extended these security updates to iOS 16.7.8, iPadOS 16.7.8, and macOS Ventura 13.6.7, incorporating enhanced input validation to mitigate the identified security flaw. The list of devices receiving these critical updates includes iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.

While Apple has not disclosed the origins of CVE-2024-23296 or provided insights into the nature of the attacks exploiting it, the prevalence of state-sponsored spyware attacks underscores the urgency of installing today’s security updates. Even though this zero-day vulnerability may have been utilized in targeted attacks, prompt installation of the patches is strongly recommended to preempt any potential threats to older iPhone or iPad models.

Trending: Understanding the Advantages and Challenges of Zero Trust Security




Trending: Offensive Security Tool: 403jump

Apple’s proactive stance against zero-day vulnerabilities is evident in their track record, with three such vulnerabilities addressed since the beginning of the year. Additionally, with the rollout of iOS 17.5, Apple introduces support for unwanted tracking alerts, enhancing user privacy by notifying users of Bluetooth tracking devices attempting to monitor their location, aligning with similar capabilities introduced by Google for Android devices.

Trending: TunnelVision: The New VPN Bypass Technique Exposing Users to Surveillance

Are u a security researcher? Or a company that writes articles about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing? If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link

Merch

Recent News

EXPLORE OUR STORE

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This