Overview

In response to attacks aimed at hacking iPhones, iPads, and Macs, Apple issued urgent security updates that address two vulnerabilities, one of which is a zero-day vulnerability.  

The first vulnerability, tracked as CVE-2023-23529 [1,2], is a WebKit type confusion zero-day that can lead to OS crashes and the execution of arbitrary code on compromised devices. This vulnerability can be exploited by opening a malicious web page and affects versions of iOS, iPadOS, and macOS, including Safari 16.3.1. The WebKit vulnerability is being exploited in the wild, but it is not clear how it is being exploited in attacks. WebKit flaws impact every third-party web browser available for iOS and iPadOS because Apple requires browser vendors to use the same rendering framework.

The second vulnerability, tracked as CVE-2023-23514, is a kernel use-after-free flaw that can also result in the execution of arbitrary code with kernel privileges on Macs and iPhones. This vulnerability could allow a rogue app to execute arbitrary code with the highest privileges.

To minimize potential risks, it is recommended that users update to iOS 16.3.1, iPadOS 16.3.1, macOS Ventura 13.2.1, and Safari 16.3.1. Updates are available for iPhone 8 and newer, iPad Pro (all versions), iPad Air 3rd generation and newer, iPad 5th generation and newer, and iPad mini 5th generation and newer. Additionally, the updates are available for Macs that are operating on macOS Ventura, macOS Big Sur, and macOS Monterey. 
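An added example, not from Avertium or Apple: a Python check of a device inventory against the fixed versions listed above. The CSV column names and sample rows are constructed, and treating Safari 16.3.1 as the delivery path for the WebKit fix on macOS Big Sur and Monterey is an assumption.

```python
import csv
import io

# Fixed versions named in this notice.
FIXED_OS = {"iOS": (16, 3, 1), "iPadOS": (16, 3, 1), "macOS": (13, 2, 1)}
FIXED_SAFARI = (16, 3, 1)

# Constructed sample inventory (hypothetical MDM export; column names are assumptions).
SAMPLE_INVENTORY = """\
hostname,platform,os_version,safari_version
exec-iphone,iOS,16.3,
exec-ipad,iPadOS,16.3.1,
dev-mbp,macOS,13.2,16.3
ops-imac,macOS,12.6.3,16.3.1
lab-mini,macOS,11.7.3,16.2
qa-mbp,macOS,13.2.1,16.3.1
"""

def parse_version(text):
    """Turn '16.3' into (16, 3, 0) so that 16.3 compares lower than 16.3.1."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def missing_fixes(row):
    """Return the reasons a device still needs the update (empty list if patched)."""
    platform = row["platform"]
    os_ver = parse_version(row["os_version"])
    if platform in ("iOS", "iPadOS") or os_ver[0] >= 13:
        # iOS, iPadOS and macOS Ventura: the OS update itself carries the fixes.
        if os_ver < FIXED_OS[platform]:
            fixed = ".".join(map(str, FIXED_OS[platform]))
            return [f"{platform} {row['os_version']} < {fixed}"]
        return []
    # macOS Big Sur / Monterey: assumed to get the WebKit fix through Safari.
    safari = row["safari_version"]
    if not safari or parse_version(safari) < FIXED_SAFARI:
        return [f"Safari {safari or 'unknown'} < 16.3.1"]
    return []

def audit(csv_text):
    """Map hostname -> reasons, for every device that is not yet patched."""
    rows = csv.DictReader(io.StringIO(csv_text))
    report = {row["hostname"]: missing_fixes(row) for row in rows}
    return {host: why for host, why in report.items() if why}

if __name__ == "__main__":
    for host, why in audit(SAMPLE_INVENTORY).items():
        print(host, "->", "; ".join(why))
```
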

 

 

Avertium's Recommendations

 

 

INDICATORS OF COMPROMISE (IoCs)

At this time, there are no known IoCs associated with CVE-2023-23514 and CVE-2023-23529. Avertium’s threat hunters remain vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.   

 

 

How Avertium is Protecting Our Customers

While Apple products are not widely used at an enterprise level, these devices could provide an attack vector for reaching company executives. Avertium is raising awareness among our customers to patch these vulnerabilities before it’s too late.


 

 

SUPPORTING DOCUMENTATION

Patch Now: Apple's iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw (thehackernews.com) 

Apple fixes new WebKit zero-day exploited to hack iPhones, Macs (bleepingcomputer.com) 

About the security content of macOS Ventura 13.2.1 - Apple Support 

About the security content of iOS 16.3.1 and iPadOS 16.3.1 - Apple Support 

 

 

 
