Apple Addresses Actively Exploited Zero-Day Vulnerability in iOS and iPadOS

 

Apple has released security updates for an actively exploited zero-day flaw in iOS and iPadOS. Tracked as CVE-2023-42824, this kernel vulnerability could allow a local attacker to escalate their privileges.

Details:

Nature of Vulnerability: CVE-2023-42824 is a kernel vulnerability that a local attacker can exploit to elevate their privileges. Apple has mitigated the issue by implementing enhanced checks.

Exploitation Status: Apple acknowledges that the vulnerability may have been actively exploited in versions of iOS predating iOS 16.6. Further specifics about the attacks and the threat actors behind them are currently undisclosed.

Additional Security Patch: Apple's latest update also addresses CVE-2023-5217, related to a heap-based buffer overflow in the VP8 compression format in libvpx, as described by Google.

List of Affected Devices: The patches (iOS 17.0.3 and iPadOS 17.0.3) are applicable to various devices including iPhone XS and later, as well as various iPad models.

Cumulative Response: With this recent patch, Apple has effectively addressed a total of 17 zero-days that were actively exploited in its software since the beginning of the year.

Prior Incidents: This update follows a previous release two weeks ago, which addressed three issues (CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993) that were exploited by the Israeli spyware vendor Cytrox to deliver the Predator malware.

Analysis and Recommendations:

Although CVE-2023-41992 and CVE-2023-42824 are both kernel vulnerabilities, no direct connection between the two has been confirmed. As a precaution, users are advised to enable Lockdown Mode to reduce their exposure to potential spyware exploits.

Conclusion:

Apple's swift response in patching actively exploited vulnerabilities underscores its commitment to user security. These measures are essential in safeguarding devices against emerging threats and ensuring the privacy of its users.
