[TheRecord] Apple patches iOS and macOS zero-day exploited in the wild

Apple has released security updates today to patch a new zero-day vulnerability that Google’s security team said has been exploited in the wild to compromise user devices.

Tracked as CVE-2021-30869, the vulnerability resides in XNU, the kernel component that ships with modern Apple systems.

According to Shane Huntley, head of the Google Threat Analysis Group, the XNU zero-day was part of a two-part exploit chain.

Huntley said attackers used the zero-day in conjunction with an already known WebKit vulnerability to execute malicious code inside a user’s browser and escalate privileges for their code to take over affected devices.

0day privilege escalation for macOS Catalina discovered in the wild by @eryeh https://t.co/yvCWPo45fL

We saw this used in conjunction with an N-day remote code execution targeting webkit.

Thanks to Apple for getting patch out so quickly.

— Shane Huntley (@ShaneHuntley) September 23, 2021

Huntley said his team plans to reveal more details about the attack after 30 days, giving users more time to apply patches before technical details become available online, since those details may also help other threat actors develop their own exploits.

Patches for the zero-day have been made available for macOS Catalina and iOS 12.5.5, suggesting that the exploit doesn’t work in recent iOS versions such as iOS 14 and 15.

macOS Catalina security updates are here.

iOS 12.5.5 security updates are here.

In addition, Apple has also backported patches for two other zero-days that it patched on September 13.

Initially patched for iOS 14, patches for CVE-2021-30860 and CVE-2021-30858 are now also available for old-gen iPhones running iOS 12.

The XNU zero-day marks the sixteenth zero-day Apple has patched in 2021.

The post Apple patches iOS and macOS zero-day exploited in the wild appeared first on The Record by Recorded Future.
