Apple’s Emergency Updates Address Exploited iOS Zero-Day Vulnerabilities

by | Mar 6, 2024 | News

Apple's Emergency Updates Address Exploited iOS Zero-Day Vulnerabilities

Post Views: 688




Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos.

Patreon
Reading Time: 3 Minutes

Apple has issued emergency security updates in response to the exploitation of two zero-day vulnerabilities in iOS, prompting urgent action to safeguard iPhone users from potential cyber threats.

The vulnerabilities, identified in the iOS Kernel (CVE-2024-23225) and RTKit (CVE-2024-23296), granted attackers arbitrary kernel read and write capabilities, enabling them to bypass critical kernel memory protections.

In its advisory released on Tuesday, Apple acknowledged awareness of reported exploits targeting these vulnerabilities, prompting swift action to mitigate potential risks. The company swiftly addressed the security flaws in iOS 17.4, iPadOS 17.4, iOS 16.76, and iPad 16.7.6 through enhanced input validation mechanisms.

Extensive Impact

A wide array of Apple devices, including iPhone XS and later, iPad Pro models, and various iPad generations, are impacted by these vulnerabilities.

See Also: So, you want to be a hacker?
Offensive Security, Bug Bounty Courses




Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.

Ongoing Threats

While the origins of the disclosed zero-days remain undisclosed by Apple, such vulnerabilities are frequently exploited in state-sponsored surveillance operations targeting high-profile individuals like journalists and political dissidents.

Though no ongoing exploitation in the wild has been reported by Apple, the urgency of installing the security updates cannot be overstated, especially considering the potential risks associated with unpatched devices.

Trending: Analyzing Microsoft’s NBNS and BOOTP Protocols with Wireshark for Red Teaming




Trending: Offensive Security Tool: Upload_Bypass

These recent patches mark Apple’s continued efforts to address security vulnerabilities, with a total of three zero-days fixed thus far in 2024. Last year, the company tackled a staggering 20 zero-day exploits, highlighting the persistent threat landscape faced by iPhone users.

Urgent Call to Action

Apple urges all users to promptly install the latest updates to safeguard their devices against potential attacks. Given the history of targeted exploitation, timely action is crucial to ensure the security and integrity of iPhone devices.

Trending: LiteSpeed Cache Plugin Exposes 5 Million WordPress Sites to Privilege Escalation

Are u a security researcher? Or a company that writes articles about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing? If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link

Merch

Recent News

EXPLORE OUR STORE

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This