
Apple Patches Exploited Zero-Day Vulnerability Targeting iPhones, iPads, Macs


Apple has issued new security updates to iOS, iPadOS, macOS, tvOS and its Safari web browser intended to deal with a zero-day vulnerability that could enable a bad actor to execute malicious code, the company said in a security advisory.

The iPhone maker has described the vulnerability, tracked as CVE-2022-42856, as a “type confusion” issue in the WebKit browser engine. An attacker can exploit the flaw by luring the user into accessing “maliciously crafted content,” leading to arbitrary code execution.

Previously Exploited Vulnerability?

Hackers may have already exploited the vulnerability in earlier versions of iOS. “Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1,” the company said in the update.

The update comes two weeks after Apple released a patch for the same flaw in iOS 16.1.2. This update affects iOS 15.7.2, iPadOS 15.7.2, macOS Ventura 13.1, tvOS 16.2, and Safari 16.2.

Clément Lecigne, a security engineer in Google's Threat Analysis Group, has been credited with reporting the vulnerability to Apple. No information has been released about the attacks leveraging CVE-2022-42856.

Nine Zero-Day Discoveries

Apple had reportedly already resolved nine zero-day vulnerabilities discovered in its software in the last year:

  • CVE-2022-22587 (IOMobileFrameBuffer) – A malicious application may be able to execute arbitrary code with kernel privileges.
  • CVE-2022-22594 (WebKit Storage) – A website may be able to track sensitive user information (publicly known but not actively exploited).
  • CVE-2022-22620 (WebKit) – Processing maliciously crafted web content may lead to arbitrary code execution.
  • CVE-2022-22674 (Intel Graphics Driver) – An application may be able to read kernel memory.
  • CVE-2022-22675 (AppleAVD) – An application may be able to execute arbitrary code with kernel privileges.
  • CVE-2022-32893 (WebKit) – Processing maliciously crafted web content may lead to arbitrary code execution.
  • CVE-2022-32894 (Kernel) – An application may be able to execute arbitrary code with kernel privileges.
  • CVE-2022-32917 (Kernel) – An application may be able to execute arbitrary code with kernel privileges.
  • CVE-2022-42827 (Kernel) – An application may be able to execute arbitrary code with kernel privileges.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.