[TheRecord] Apple patches iOS and macOS zero-day exploited in the wild

Apple has released security updates today to patch a new zero-day vulnerability that Google’s security team said has been exploited in the wild to compromise user devices.

Tracked as CVE-2021-30869, the vulnerability resides in XNU, the kernel component that ships with modern Apple systems.

According to Shane Huntley, head of the Google Threat Analysis Group, the XNU zero-day was part of a two-part exploit chain.

Huntley said attackers used the zero-day in conjunction with an already known WebKit vulnerability to execute malicious code inside a user’s browser and escalate privileges for their code to take over affected devices.

0day privilege escalation for macOS Catalina discovered in the wild by @eryeh https://t.co/yvCWPo45fL

We saw this used in conjunction with a N-day remote code execution targeting webkit.

Thanks to Apple for getting patch out so quickly.

— Shane Huntley (@ShaneHuntley) September 23, 2021

Huntley said his team plans to reveal more details about the attack after 30 days, giving users more time to apply patches before technical details become available online, since those details may also help other threat actors develop their own exploits.

Patches for the zero-day have been made available for macOS Catalina and iOS 12.5.5, suggesting that the exploit doesn’t work in recent iOS versions such as iOS 14 and 15.

macOS Catalina security updates are here.

iOS 12.5.5 security updates are here.

In addition, Apple has backported patches for two other zero-days that it patched on September 13.

Initially patched for iOS 14, patches for CVE-2021-30860 and CVE-2021-30858 are now also available for old-gen iPhones running iOS 12.

The XNU zero-day marks the sixteenth zero-day Apple has patched in 2021.

The post Apple patches iOS and macOS zero-day exploited in the wild appeared first on The Record by Recorded Future.
