Skip to content Skip to footer

Apple Security Updates: Addressing Actively Exploited Flaws

has recently released security updates to address several security flaws in its software, including two vulnerabilities actively exploited in the wild. These vulnerabilities, known as CVE-2024-23225 and CVE-2024-23296, were found to be memory corruption issues in the Kernel and RTKit real-time operating system (RTOS), respectively. Attackers with arbitrary kernel read and write capabilities could exploit these vulnerabilities to bypass kernel memory protections.

While it is currently unclear how these flaws are weaponized in the wild, has stated that both vulnerabilities have been addressed with improved validation in its latest software updates. These updates are now available for various devices, including iPhone 8, iPhone 8 Plus, iPhone X, 5th generation, Pro 9.7-inch, Pro 12.9-inch 1st generation for iOS 16.7.6 and 16.7.6, and iPhone XS and later, Pro 12.9-inch 2nd generation and later, Pro 10.5-inch, Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later for iOS 17.4 and iPad 17.4.

This marks the third time has addressed actively exploited zero-day vulnerabilities in its software since the start of the year. In January 2024, the company patched a type confusion flaw in WebKit (CVE-2024-23222) that could result in arbitrary code execution. This flaw affected various devices, including iOS, iPadOS, macOS, tvOS, and Safari web browsers.

Meanwhile, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two flaws to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to apply necessary updates by March 26, 2024. These vulnerabilities include an information disclosure flaw affecting Android Pixel devices (CVE-2023-21237) and an operating system command injection flaw in Sunhillo SureLine that could result in code execution with root privileges (CVE-2021-36380).

In a June 2023 advisory, Google acknowledged that “CVE-2023-21237 may be under limited, targeted exploitation.” Fortinet had also revealed that a Mirai botnet called IZ1H9 had been leveraging the CVE-2021-36380 flaw to corral susceptible devices into a DDoS botnet.

Leave a comment

Newsletter Signup
Address

The Grid —
The Matrix Has Me
Big Bear Lake, CA 92315

01010011 01111001 01110011 01110100 01100101 01101101 00100000
01000110 01100001 01101001 01101100 01110101 01110010 01100101

Choice is an illusion created between those with power and those withoutMerovingian

Deitasoft © 2024. All Rights Reserved.