Cyber Security Threat Summary:
Yesterday, Apple rolled out emergency security updates to fix a new zero-day flaw impacting iOS and iPadOS. Tracked as CVE-2023-42824, the bug stems from a weakness in the XNU kernel which could allow local attackers to escalate privileges on unpatched iPhones and iPads. Below is a list of the impacted products:
- iPhone XS and later
- iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Security Officer Comments:
Apple stated that CVE-2023-42824, may have been actively exploited against versions of iOS and before iOS 16.6, making it the 17th zero-day vulnerability exploited in attacks that Apple has addressed since the beginning of the year. Details of the latest exploitation attempts in the wild have yet to be released. However, just recently, the vendor addressed three other zero-days (CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993) which were exploited in spyware attacks to install Cytrox’s Predator spyware. Prior to this, Apple also fixed two other zero-days (CVE-2023-41061 and CVE-2023-41064) which were also leveraged in attacks to deploy NSO Group’s Pegasus spyware on targeted devices
It's important to keep phones up to date and only install known, reputable applications because outdated software may contain security vulnerabilities that could be exploited by malicious actors. Additionally, unverified or suspicious applications can potentially compromise devices and personal data. Furthermore, companies must pay close attention to what they allow employees to access on their phones in terms of corporate data. BYOD policies and the intermingling of personal and company data make vulnerabilities like these even more challenging to mitigate.