Heimdal
article featured image

Contents:

Yesterday, Apple has released patches for iPhones, iPads, and Macs to tackle a zero-day vulnerability that the organization states has been exploited in the wild and could enable cybercriminals to take over a device.

What Is a Zero-Day Vulnerability?

As my colleague Cezarina has already explained in her article – What Is a Zero-Day Vulnerability? , the term “Zero-day” is an imaginative time, as this type of cyberattack happens in less than a day since the awareness of the security flaw. Thereby, not giving developers ample time to eradicate or mitigate the potential risks associated with this vulnerability. In zero-day attacks, software vendors are reactive, not proactive. Therefore, since patches have not yet been released, the attackers are already making their move.

A zero-day attack occurs when hackers exploit a vulnerability window and then launch a direct attack using that vulnerability. What makes zero-day exploits so dangerous is that the only ones who know about them are the attackers themselves. Hackers can attack immediately or take advantage of their weakness, waiting for the right moment to strike.

According to Apple, the vulnerability, tracked as CVE-2021-30807 affects IOMobileFramebuffer, a kernel extension that enables developers to control how a device’s memory handles the screen display.

Apple has fixed the vulnerability, that allows applications to perform arbitrary code with kernel privileges on a vulnerable and unpatched device, by improving memory handling in iOS 14.7.1, iPadOS 14.7.1, and macOS Big Sur 11.5.1.

According to the outlet, obtaining access to kernel privileges gives cyber criminals complete control of a device.

In security advisories published yesterday, Apple stated it was aware that this vulnerability might have been exploited in the wild, but the tech giant did not give more details.

While there is a possibility that this zero-day vulnerability might be a new exploit used by the iOS jailbreaking community to root iPhones, it is also not clear if today’s zero-day is in any way linked to NSO Group, an Israeli company that sells iPhone hacking tools to governments all over the world.

Today’s update reportedly marks the 13th zero-day patch Apple has launched so far in 2021. Previous zero-days included:

CVE Patch date Description
CVE-2021-1782February 1 A zero-day impacting the macOS, iOS, iPadOS, watchOS, and tvOS kernels
CVE-2021-1870February 1 WebKit zero-day impacting macOS, iOS, iPadOS, and watchOS
CVE-2021-1871February 1 WebKit zero-day impacting macOS, iOS, iPadOS, and watchOS
CVE-2021-1879March 26 WebKit bug impacting both old and new-gen iOS, iPadOS, and watchOS
CVE-2021-30657April 26macOS Gatekeeper bypass abused by Shlayer malware
CVE-2021-30661April 26 WebKit zero-day impacting old and new-gen iOS, iPadOS, watchOS, and tvOS.
CVE-2021-30663May 3WebKit zero-day impacting macOS, iOS, iPadOS, and watchOS
CVE-2021-30665May 3WebKit zero-day impacting macOS, iOS, iPadOS, and watchOS
CVE-2021-30666May 3WebKit zero-day impacting macOS, iOS, iPadOS, and watchOS
CVE-2021-30713May 24macOS TCC bypass abused by XCSSET malware
CVE-2021-30761June 14WebKit zero-day impacting old-gen iOS devices
CVE-2021-30762June 14WebKit zero-day impacting old-gen iOS devices

Apple is urging its customers to update to the macOS Big Sur 11.5.1, iOS 14.7.1, and iPadOS 14.7.1 versions it released yesterday to address the bug.

The updates are available for macOS notebooks and desktops, iPhone 6s and later, iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).

Author Profile

Antonia Din

PR & Video Content Manager

linkedin icon

As a Senior Content Writer and Video Content Creator specializing in cybersecurity, I leverage digital media to unravel and clarify complex cybersecurity concepts and emerging trends. With my extensive knowledge in the field, I create content that engages a diverse audience, from cybersecurity novices to experienced experts. My approach is to create a nexus of understanding, taking technical security topics and transforming them into accessible, relatable knowledge for anyone interested in strengthening their security posture.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE