No sooner had we written about vulnerabilities in both Apple and Microsoft operating systems, as well as in Samsung Exynos chips, allowing the hacking of smartphones without any action on the part of their owner, than news broke about a couple of very serious security holes in both iOS and macOS - besides the ones that attackers were already exploiting. The vulnerabilities are so critical that, to combat them, Apple rapidly released updates not only for the latest operating systems, but also for several previous versions. But let’s take it step by step…

Vulnerabilities in WebKit and IOSurfaceAccelerator

In total, two vulnerabilities were discovered. The first one - named CVE-2023-28205 (threat level: “high”) - concerns the WebKit engine, which is the basis of the Safari browser (and not only that; more details below). The essence of this vulnerability is that, using a specially made malicious page, the bad guys can execute arbitrary code on a device.

The second vulnerability - CVE-2023-28206 (threat level: “high”) - was discovered in the IOSurfaceAccelerator object. Attackers can use it to execute code with operating system kernel privileges. Thus, these two vulnerabilities can be used in combination: the first serves to initially penetrate the device so that the second can be exploited. The second, in turn, allows the attacker to “escape from the sandbox” and do almost anything with the infected device.

The vulnerabilities can be found in both macOS desktop operating systems and mobile ones: iOS, iPadOS and tvOS. Not only are the latest generations of these operating systems vulnerable, but previous ones are too, so Apple has released updates (one after the other) for a whole range of systems: macOS 11, 12 and 13, iOS/iPadOS 15 and 16, and also tvOS 16.

The WebKit engine is the only browser engine that’s allowed on Apple’s mobile operating systems. Whichever browser you use on your iPhone, WebKit will still be used to render web pages (so any browser on iOS is essentially Safari).

Moreover, the same engine is also used when web pages are opened from any other application. Sometimes it might not even look like a web page, but WebKit will still be involved in displaying it. That’s why it’s so important to promptly install any new updates related to Safari, even if you mainly use a different browser such as Google Chrome or Mozilla Firefox.

Vulnerabilities in WebKit, such as the one described above, make possible the so-called “zero-click” infection of an iPhone, iPad or Mac. That is, the device is infected without any active action by the user - it’s enough just to lure them to a specially made malicious site.

Often, such vulnerabilities are exploited in targeted attacks on powerful people or large organizations (although regular users can also get hit if they have the bad luck to land on an infected page). And it seems that something similar is happening in this case. As usual, Apple is not releasing any details, but by all accounts, the chain of vulnerabilities described above is already being actively used by unknown attackers to install spyware.

Moreover, since CVE-2023-28205 and CVE-2023-28206 have already become public knowledge and a proof of concept has already been published for the second vulnerability, it’s likely that other cybercriminals will start to exploit them too.

How to protect yourself against the described vulnerabilities

Of course, the best way to protect against CVE-2023-28205 and CVE-2023-28206 is to promptly install the new Apple updates. Here’s what you need to do, depending on the device in question:

- If you have one of the latest iOS, iPadOS or tvOS devices, then you should update the operating system to version 16.4.1.
- If you own an older iPhone or iPad that no longer supports the latest OS, then you must update to version 15.7.5.
- If your Mac is running the latest Ventura OS, then simply update to macOS 13.3.1.
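For an administrator checking a device inventory against the fixed versions named in this article, the sketch below is an added example, not code from the original article or from Apple. The inventory rows, status labels and function names are constructed for illustration; macOS 11 and 12 are routed to a manual check because the article gives no version number for them.

```python
# Added example: fixed versions come from the article; inventory rows are constructed.
FIXED = {  # (platform, major branch) -> fixed version named in the article
    ("ios", 16): (16, 4, 1),
    ("ipados", 16): (16, 4, 1),
    ("tvos", 16): (16, 4, 1),
    ("ios", 15): (15, 7, 5),
    ("ipados", 15): (15, 7, 5),
    ("macos", 13): (13, 3, 1),
}
# Branches the article says were updated, without stating a version number.
NO_VERSION_GIVEN = {("macos", 11), ("macos", 12)}


def parse_version(text):
    """Turn '16.4' into (16, 4, 0); raises ValueError on non-numeric input."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def assess(platform, version):
    """Classify one device against the CVE-2023-28205 / CVE-2023-28206 fixes."""
    try:
        v = parse_version(version)
    except ValueError:
        return "unknown"  # e.g. a beta label or an empty inventory field
    key = (platform.strip().lower(), v[0])
    if key in FIXED:
        return "patched" if v >= FIXED[key] else "vulnerable"
    if key in NO_VERSION_GIVEN:
        return "check-vendor-advisory"
    return "unknown"  # branch not covered by the article


def report(rows):
    """Map hostname -> status for (hostname, platform, version) rows."""
    return {host: assess(platform, version) for host, platform, version in rows}


INVENTORY = [  # constructed sample data
    ("exec-iphone", "iOS", "16.4"),
    ("lobby-ipad", "iPadOS", "15.7.5"),
    ("design-mac", "macOS", "13.3.1"),
    ("build-mac", "macOS", "12.6.3"),
    ("conf-appletv", "tvOS", "16.3"),
]

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host:<14}{status}")
```

Devices reported as `unknown` or `check-vendor-advisory` need a manual look at Apple's security release notes rather than being assumed safe.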