Apple has released updates to address an actively exploited zero-day vulnerability affecting its iOS, macOS, tvOS, and Safari applications used by various Apple devices. The flaw, designated CVE-2024-23222, is yet another vulnerability affecting Apple’s WebKit browser engine that could allow threat actors to execute code on affected devices once they have visited a maliciously crafted web page.
Apple has confirmed that the vulnerability has been exploited in the wild but did not indicate to what extent.
Source: Bleeping Computer
Analysis
In 2023, Apple’s WebKit browser engine was a prime target for threat actor activity, and it now appears things may not change in 2024.
In December 2023, Apple released emergency updates to address two similar vulnerabilities in WebKit that could allow threat actors to gain access to sensitive data and execute arbitrary code on the device after visiting a specifically crafted website. Interestingly, these two vulnerabilities were discovered after Apple released a patch for similar issues months earlier that was ineffective.
Fortunately, successful exploitation of these types of vulnerabilities requires the threat actor to first create a website that has the right exploit code, and then entice or force the target to visit that website, which can be achieved with phishing or watering hole attacks. Once the malicious content is rendered by Apple WebKit, the exploit is triggered and the device is compromised.
Mitigation
Field Effect’s elite team of Security Intelligence professionals constantly monitor the cyber threat landscape for vulnerabilities discovered in software such as Apple’s operating systems. This research contributes to the timely deployment of signatures into Covalence to detect and mitigate the exploitation of these vulnerabilities.
Covalence users are automatically notified when vulnerable software is detected in their environment and are encouraged to review these AROs as quickly as possible via the Covalence portal.
Field Effect strongly encourages users of affected Apple devices to update to the latest operating system as soon as possible.
Related articles