Tuesday, December 24, 2024
A Cybersecurity View of Apple’s Zero-Day flaws

Apple fixes two ‘Zero-Day’ security flaws in the latest update with millions of consumers and organizations left in havoc

Just last week, Apple released a series of emergency security updates as a response to two zero-day vulnerabilities found in iPhone, Mac, and iPad devices.

Though the news surfaced on Apple’s official website, it lacked important details on the possible exploitation of the vulnerabilities.

According to Apple, hackers may have “actively exploited” the security loopholes.

To address the sensitivity of the matter, various cybersecurity agencies and specialists around the globe helped iOS users discern the potential impacts and security measures. 

Although Apple hasn’t disclosed how and when it learned of the vulnerabilities, the iPhone maker credited an “anonymous researcher” working as an ethical hacker in favor of the company.

The two bugs identified by the penetration test (aka pen test) are described as “out of bounds” write flaws.

One resides in the kernel and the other in the WebKit engine, offering hackers two easy ways to jump in and control an iDevice.

Vulnerable devices include:  iPhones dating back to the 6S model, iPad 5th generation and later, iPad Air 2 and later, iPad mini 4 and later, all iPad Pro models and the 7th generation iPod touch.

The tech giant says new updates offer better “control of bounds” in the system, and that hackers would no longer exploit devices after the updates are installed.

Before we jump to the vulnerability details, make sure you’ve updated your iPhone, Mac, iPad, and iPod systems to the latest security updates; all users are advised to install them urgently.

About the Vulnerabilities

Apple identified the two security vulnerabilities as out of bounds write flaws. 

Simply put, an out of bounds write flaw lets a program write data outside the memory allocated to it, potentially overwriting memory that belongs to something else and gaining unauthorized access to other programs.

Such a bug plays out in one of two ways. Either the app crashes or, more dangerously, an attacker gets to run arbitrary code remotely.

The latter outcome is known as Arbitrary Code Execution (ACE).
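
The bug class described above, as an added example that is not from the original article and is not Apple's code: a constructed C model in which a 16-byte buffer sits directly in front of a privilege byte, written once without and once with a bounds check. The names (session_t, store_unchecked, store_checked) and the memory layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: a 16-byte buffer followed directly by a privilege
 * byte, both inside one arena so every access here is well-defined C. */
enum { BUF_SIZE = 16, PRIV_OFFSET = BUF_SIZE, ARENA_SIZE = BUF_SIZE + 1 };
typedef struct { uint8_t arena[ARENA_SIZE]; } session_t;

void session_init(session_t *s) { memset(s->arena, 0, sizeof s->arena); }
int session_is_privileged(const session_t *s) { return s->arena[PRIV_OFFSET] != 0; }

/* Flawed writer: never compares off/len with BUF_SIZE, so a long input
 * spills into the neighbouring privilege byte. */
int store_unchecked(session_t *s, size_t off, const uint8_t *src, size_t len)
{
    if (off > ARENA_SIZE || len > ARENA_SIZE - off)
        return -1;                 /* demo guard: stay inside the arena */
    memcpy(s->arena + off, src, len);
    return 0;
}

/* Hardened writer: rejects anything that would end past the buffer.
 * Comparing len with BUF_SIZE - off avoids wrap-around in off + len. */
int store_checked(session_t *s, size_t off, const uint8_t *src, size_t len)
{
    if (off > BUF_SIZE || len > BUF_SIZE - off)
        return -1;
    memcpy(s->arena + off, src, len);
    return 0;
}

/* Feeds one constructed 17-byte input to the chosen writer and reports
 * whether the privilege byte next to the buffer was changed. */
int privileged_after_write(int use_checked)
{
    uint8_t input[BUF_SIZE + 1];
    session_t s;
    memset(input, 0x41, sizeof input);
    session_init(&s);
    if (use_checked) store_checked(&s, 0, input, sizeof input);
    else             store_unchecked(&s, 0, input, sizeof input);
    return session_is_privileged(&s);
}

int main(void)
{
    printf("unchecked writer -> privileged=%d\n", privileged_after_write(0));
    printf("checked writer   -> privileged=%d\n", privileged_after_write(1));
    return 0;
}
```

A single byte past the end of the buffer is enough to flip state the input was never meant to touch; the checked writer refuses the whole write instead of truncating it.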

1: The WebKit Zero-day

Tracked as CVE-2022-32893, this vulnerability was found in WebKit, the Safari web engine.

A hacker could exploit this security flaw to execute malicious arbitrary code, essentially through a website.

More troubling, the impact is not limited to Safari’s web browsing functionality, as we explain shortly in the article.

2: The Kernel Zero-day

The other vulnerability, tracked as CVE-2022-32894, affects the kernel of iOS.

For a one-liner overview, the kernel of an operating system is the part of the code that is tasked with resource allocation.

This includes, for example, assigning memory and processing resources to other components in the system.

Thus the kernel has direct access to all the applications and hardware of the system.

With this kernel-level security flaw, a hacker can use a malicious application to run arbitrary code (ACE) with kernel privileges, getting unrestricted access to all the applications on the device as well as the hardware components.

In the following section we explain the ways hackers could use the above vulnerabilities to control a device remotely.

Expert’s Views on the impact of Vulnerabilities

On Sophos’ official blog, Paul Ducklin, a cybersecurity expert, comes forward with his view on the potential impacts of the zero-day bugs. These are presented as follows.

First, it’s surprising to know that the WebKit vulnerability can provide access to all HTML-based applications and functionalities on the device.

Therefore, the WebKit vulnerability posed a risk to ‘all’ the web-rendering applications on the device and not just the Safari-exclusive content.

Note that the WebKit engine sits behind all HTML functionality on an iOS device, even in apps that merely display “About Us” and “Help” pages in HTML for convenience.

Since Apple has made it compulsory for all apps on the App Store to base their web functionalities on the WebKit engine, a malicious web page crafted by a hacker to trigger ACE could get a foothold in all such apps.

The second vulnerability is more shocking and dangerous in impact since it resides at the kernel level.

The kernel privilege loophole can give a cybercriminal full control of your iDevice, something that’s only reserved for Apple.

Simply put, if a hacker succeeds in achieving ACE by exploiting this bug, they can do the following to your iDevice:

  • Spying on any of the current running apps
  • Anonymously downloading and starting new apps on its own 
  • Acquiring full access to data on the device
  • Changing system security settings
  • Retrieving location information
  • Taking screenshots
  • Using the cameras in the device
  • Turning on the microphone
  • Copying text messages
  • Tracking web browsing

And these are just some of the many privileges offered to a hacker by Apple’s Kernel vulnerability.

Additionally, a hacker is also able to fool Apple’s security controls by planting spyware in the background of your device, setting up a comprehensive surveillance system, writes Paul.

What to do?

First and foremost, users are advised to stay calm since fortunately there are no reported cases of “any mass exploitation” in this regard, states the BBC.

To keep yourself in the safe zone, it’s urgently recommended to patch immediately.

Here’s how you can quickly and easily install updates on your iOS devices.

Second, if you think you have been a victim of a cyber attack, a Device Firmware Update (DFU) would clean all the data on your device and reinstall the operating system from scratch. 

Please note that all your personal data will be lost if you perform a DFU, so make a backup first.

However, due to the kind of vulnerabilities, backing up any HTML rendered files is not recommended.

Read more about DFU here.

An Opportunity to Learn Ethical Hacking!

Dice Analytics brings an opportunity to learn Cybersecurity and Ethical Hacking in just 8 weeks. The course is presented in collaboration with an internationally acclaimed Senior Cybersecurity Specialist, Jahanzaib Awan.

With 70% practical and 30% theory, this hands-on intensive course takes you through all the cybersecurity critical concepts to pull off the Certified Ethical Hacker (CEH) exam.

CEH is currently the most recognized certification in the information security landscape.

What will you learn?

The course covers all ethical hacking concepts covering the CEH criteria. View course outline and other details here.

Dice Analytics offers flexible pricing as well as valuable concessions. 

Visit our page for more information about the course.

Ayesha
I engineer the content and acquaint the science of analytics to empower rookies and professionals.