Zero-Day Threat Alert: Hackers Target iPhones, iPads, and Macs

by | Feb 14, 2023 | News

Premium Content

Patreon

Subscribe to Patreon to watch this episode.

Reading Time: 3 Minutes

Apple’s Response to New Zero-Day Vulnerability

Apple has released emergency security updates to address a new zero-day vulnerability used in recent attacks to hack iPhones, iPads, and Macs. The zero-day, tracked as CVE-2023-23529, is a WebKit confusion issue that could lead to OS crashes and code execution on compromised devices.

In response, Apple has improved checks in the latest versions of iOS, iPadOS, and macOS, including iPhone 8 and later, iPad Pro, iPad Air, iPad 5th generation and later, iPad mini 5th generation and later, and Macs running macOS Ventura.

In addition to the zero-day vulnerability, Apple has also patched a kernel use after free flaw (CVE-2023-23514) reported by Xinru Chi of Pangu Lab and Ned Williamson of Google Project Zero.
This flaw could lead to arbitrary code with kernel privileges on Macs and iPhones, making it another critical threat to user security.

See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses

Urgent Update Highly Recommended

Although the extent of the zero-day vulnerability’s exploitation is unknown, Apple has stated that they are aware of reports of in-the-wild exploitation. To protect your device and prevent potential attack attempts, it is highly recommended to install today’s emergency updates as soon as possible.

Apple has not released specific information regarding the exploitation of the zero-day vulnerability, likely to allow more users to update their devices before more attackers can develop and deploy their own custom exploits.

Apple Addresses Remotely Exploitable Zero-Day Flaw

This latest security update from Apple follows last month’s backported security patches for a remotely exploitable zero-day flaw discovered by Clément Lecigne of Google’s Threat Analysis Group, which was addressed for older iPhones and iPads.

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link

Merch

Recent News

EXPLORE OUR STORE

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!


Information Security Solutions

Find out how Pentesting Services can help you.


Join our Community

Share This