Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Earlier this week, Apple released updates to reinforce their security against a new zero-day vulnerability that could lead to the execution of malicious code.
Old CVE-2022-42856 is a type of confusion issue within the WebKit browser engine. This can be triggered when processing specially-crafted content, which leads to arbitrary code execution.
The company said it is “aware of a report that this flaw has been actively exploited against versions of iOS before 15.1.”
The nature of these attacks is uncertain, but it’s likely to be a case of social engineering or a watering hole. The device would be infected when they visited a rogue domain or some other site that had been compromised.
It’s important to note that using a third-party web browser for iOS, like Google Chrome or Mozilla Firefox, will be restricted to the WebKit rendering engine.
This critical security flaw was reported by Clément Lecigne of Google’s Threat Analysis Group (TAG) and has been fixed by Apple in the iOS-15.7.2 release.
This update is available in Safari 16.2, macOS Ventura 13.1, TVOS 16.2, iPad 15.7.2, and iOS 15.7.2 for iPhone and iPad users, two weeks after the same bug was patched in iOS-16.1.2 on November 30, 2022.
The fix marks the resolution of the tenth zero-day vulnerability discovered in Apple software since the start of the year. It’s also the ninth actively exploited zero-day flaw in 2022.
- CVE-2022-22587 (IOMobileFrameBuffer) – A malicious app may be able to execute arbitrary code that gives the app access to things it’s not supposed to have.
- CVE-2022-22594 (WebKit Storage) – A website may be able to track sensitive user information, including personal or private details. These can include the browser type, IP address, and operating system.
- CVE-2022-22620 (WebKit) – Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2018-6282 (Intel Graphics Driver) – An application can read kernel memory.
- CVE-2022-22675 (AppleAVD) – This vulnerability could allow an application to execute arbitrary code with elevated privileges.
- CVE-2022-32893 (WebKit) – Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2022-32894 (Kernel) – A kernel vulnerability allows an application to execute arbitrary code with kernel privileges by exploiting a race condition. More information is currently being released.
- CVE-2022-32917 (Kernel) – This vulnerability would enable an application to execute arbitrary code with kernel privileges.
- CVE-2022-42827 (Kernel) – A kernel vulnerability may allow an application to execute arbitrary code with kernel privileges.
The most recent updates to the iOS, iPad, and macOS operating systems introduce Advanced Data Protection for iCloud. This new security feature extends end-to-end encryption (E2EE) for iCloud Backup, Notes, Photos, and more.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, YouTube, and Instagram for more cybersecurity news and topics.
Gabriella is the Social Media Manager and Cybersecurity Communications Officer at Heimdal®, where she orchestrates the strategy and content creation for the company's social media channels. Her contributions amplify the brand's voice and foster a strong, engaging online community. Outside work, you can find her exploring the outdoors with her dog.
