Apple recently patched a zero-day security vulnerability in its WebKit browser engine, issuing updates for iOS, iPadOS, and macOS; left unpatched, the flaw could have allowed attackers to execute code remotely on affected devices. Successful exploitation of this bug allows attackers to execute arbitrary code on iPhones and iPads running vulnerable versions of iOS and iPadOS after the device processes maliciously crafted web content.
Apple addressed CVE-2022-22620 with improved memory management in iOS 15.3.1, iPadOS 15.3.1, and macOS Monterey 12.2.1.
macOS Monterey 12.2 patches a total of 13 vulnerabilities and also promises to bring smoother scrolling to MacBooks, fixing a previously reported scrolling issue in Safari.
Third Zero-Day Patch This Year
In January, Apple patched two other zero-day vulnerabilities that could have allowed threat actors to achieve arbitrary code execution with kernel privileges (CVE-2022-22587) and to track browsing activity and user identities in real time (CVE-2022-22594).
Apple has had to deal with a stream of zero-days exploited in the wild that targeted iOS, iPadOS, and macOS devices.
How To Identify Zero-Day Attacks
Organizations that are attacked by a zero-day exploit might see unexpected traffic or suspicious scanning activity originating from a client or service. Some zero-day detection techniques include:
- Vulnerability Scanning: Security vendors who offer vulnerability scanning solutions can simulate attacks on software code, conduct code reviews, and attempt to find new vulnerabilities that may have been introduced after a software update.
- Patch Management: The three most common types of patches are security patches, bug fixes, and feature updates.
- Input Validation and Sanitization: Input validation solves many of the issues inherent in vulnerability scanning and patch management.
- Zero-Day Initiative: A program established to reward security researchers for responsibly disclosing vulnerabilities, instead of selling the information on the black market.
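The patch-management check for this advisory, as an added example that is not from the original article: it compares a device inventory against the fixed releases named above for CVE-2022-22620 (iOS 15.3.1, iPadOS 15.3.1, macOS Monterey 12.2.1). The inventory rows, device names, and function names are constructed for illustration.

```python
import csv
import io

# Fixed releases for CVE-2022-22620 as stated in the article.
FIXED = {
    "ios": (15, 3, 1),
    "ipados": (15, 3, 1),
    "macos": (12, 2, 1),  # macOS Monterey
}

# Constructed sample inventory (hypothetical device names).
SAMPLE_INVENTORY = """device,platform,version
exec-iphone,iOS,15.3.1
sales-ipad,iPadOS,15.3
dev-macbook,macOS,12.2
lab-imac,macOS,11.6.3
kiosk-ipad,iPadOS,15.4
legacy-tv,tvOS,15.3
"""

def parse_version(text):
    """Turn '15.3' into (15, 3, 0) so short versions compare correctly."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"unexpected version: {text!r}")
    return tuple(parts + [0] * (3 - len(parts)))

def patch_status(platform, version):
    """Return 'patched', 'needs-update', or 'unknown' for one device."""
    key = platform.strip().lower()
    fixed = FIXED.get(key)
    if fixed is None:
        return "unknown"  # platform not named in the article
    try:
        current = parse_version(version)
    except ValueError:
        return "unknown"  # unparseable version: review by hand
    if key == "macos" and current[0] != fixed[0]:
        return "unknown"  # the article only gives a fixed release for Monterey (12.x)
    return "patched" if current >= fixed else "needs-update"

def audit(inventory_csv):
    """Map each device name in the CSV to its patch status."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["device"]: patch_status(r["platform"], r["version"]) for r in rows}

if __name__ == "__main__":
    for device, status in audit(SAMPLE_INVENTORY).items():
        print(f"{device:12} {status}")
```

Devices reported as `unknown` fall outside the releases the article lists and need a manual check against the vendor's advisory.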
For more information on keeping your device updated, and how to avoid being hacked, please contact us.
Author: Mahdi Kobeissi, Agilient Consultant