Cybersecurity Update: Understanding the Latest iOS Vulnerabilities and Their Fixes

In the ever-evolving world of cybersecurity, staying updated with the latest threats and vulnerabilities is paramount. As your trusted Managed Service Provider, Jaxcom is committed to keeping you informed about the most recent developments in the tech world. Today, we’re diving deep into the latest iOS updates that address critical vulnerabilities.

Two Zero-Day Vulnerabilities Patched by Apple

Apple has recently patched two zero-day vulnerabilities that were exploited to deliver the notorious Pegasus spyware. These vulnerabilities are identified as CVE-2023-41064 and CVE-2023-41061.

  1. CVE-2023-41064: This is a buffer overflow vulnerability found in the Image I/O framework, which is responsible for reading and writing most image file formats. A maliciously crafted image can trigger this vulnerability, leading to arbitrary code execution. This issue was reported by The Citizen Lab at The University of Toronto’s Munk School.
  2. CVE-2023-41061: This vulnerability pertains to a validation issue in Apple’s Wallet app, where users store payment cards, IDs, event tickets, and more. A maliciously crafted attachment can exploit this vulnerability, leading to arbitrary code execution. Interestingly, Apple discovered this vulnerability itself, during its collaboration with The Citizen Lab, likely while validating the existence of CVE-2023-41064.

Implications of the Exploits

The exploit chain, named BLASTPASS by Citizen Lab, was capable of compromising iPhones running the latest iOS version (16.6) without any user interaction. The exploit involved malicious PassKit attachments sent via iMessage from an attacker to the victim.

This discovery was made when Citizen Lab analyzed a device belonging to an individual from a Washington DC-based civil society organization with international offices. The findings underscore the fact that civil society remains a target for sophisticated exploits and mercenary spyware.

Protecting Your Devices

Both vulnerabilities have been addressed in the iOS 16 branch. Additionally, fixes for these vulnerabilities have been included in the latest security updates for macOS Ventura (13.5.2) and watchOS 9.6.2. It’s expected that these patches will soon be backported to older iOS, iPadOS, and macOS branches.

For the majority of users, updating devices promptly is the best defense. However, for those at a higher risk of targeted cyberattacks with spyware like Pegasus, activating Lockdown Mode is recommended. The Citizen Lab and Apple’s Security Engineering and Architecture team have confirmed that Lockdown Mode effectively blocks this specific attack.

Another proactive measure for users running the latest Apple operating systems is to enable Apple Rapid Security Response. This feature ensures that security patches are automatically installed as soon as they become available.

Conclusion

At Jaxcom, we believe in proactive cybersecurity. Understanding threats, vulnerabilities, and the necessary countermeasures is the first step in ensuring your digital safety. We urge all our clients and readers to update their Apple devices immediately to benefit from these critical security patches.

Stay safe, stay updated, and remember, Jaxcom is always here to assist with your cybersecurity needs.

For more updates and insights, keep following the Jaxcom blog.