Apple has released updates for two zero-day vulnerabilities that were exploited in attacks on iPhones, iPads, and Macs. The first vulnerability, known as CVE-2023-28206, is an IOSurfaceAccelerator that could execute arbitrary code with kernel privileges. The second vulnerability, known as CVE-2023-28205, is a WebKit that processes malicious web content leading to arbitrary code execution.
The affected devices include iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later. On the Mac front, all Macs running MacOS Ventura 13.3.1 were affected by both security vulnerabilities, while all Macs running Safari 16.4.1 over macOS Big Sur and macOS Monterey were affected by the WebKit in CVE-2023-28205.
This marks the third zero-day Apple has patched since the start of the year. The growing trend of attackers’ exploiting zero-days for financial gain or espionage purposes.
According to the patch deployment notes, the flaws were discovered by researchers from Google’s Threat Analysis Group and Amnesty International. In a tweet, Donncha Ó Cearbhaill, a researcher at Amnesty International, confirmed that the vulnerabilities were found “in the wild” and could be chained together to exploit iOS devices.
Super proud of our team at @AmnestyTech and everyone who helped in this investigation.
Today, Apple published an emergency update for all iPhones to patch an exploit chain which we, together with @_clem1 (Google TAG) discovered in the wild. pic.twitter.com/KLMYjqi3lK
— Donncha Ó Cearbhaill (@DonnchaC) April 7, 2023
Krishna Vishnubhotla, VP of Product Strategy at Zimperium, explained that the IOSurfaceAccelerator framework is used by many iOS and macOS applications that require high performance graphics processing. If IOSurfaceAccelerator is exploited, Vishnubhotla said it could potentially allow an attacker to gain unauthorized access to sensitive data or execute malicious code on an iOS device.
The WebKit vulnerability is a core software component of macOS and iOS, responsible for rendering web pages and executing JavaScript code in the Safari web browser and other applications that use WebKit. Vishnubhotla said it is an open-source project that offers a fast, efficient, and customizable framework for building web browsers and other applications that display web content.
If maliciously crafted web content is fed to the browser engine, Apple warns that a hacker can trigger Webkit to execute rogue computer code.
Highlighting The Importance of Cybersecurity
The discovery of zero-day vulnerabilities in Apple’s products highlights the critical importance of utilizing cybersecurity best practices and implementing proper patch management. Zero-day vulnerabilities are a major concern for everyone, as they are unknown to the software vendor, and therefore, can be exploited by cybercriminals without detection.
Proper cybersecurity best practices should include implementing multifactor authentication, using strong passwords, regularly conducting vulnerability assessments and penetration testing, implementing firewalls and antivirus software, and maintaining security awareness training for employees. Additionally, it is crucial for organizations to implement a patch management process to promptly apply security updates to their software, ensuring that vulnerabilities are addressed before they can be exploited.
Failure to prioritize cybersecurity and patch management can lead to costly security breaches. In today’s constantly evolving threat landscape, it is no longer a matter of if an organization will be attacked, but when. Therefore, proactive measures are necessary to prevent and minimize the impact of security incidents.
Patch Management Best Practices
Patch management is a vital aspect of vulnerability management for any organization. Prioritizing patches, especially security patches for critical infrastructure, is important to ensuring the protection of sensitive information. Utilizing patch management tools and software update mechanisms can streamline the patch management process, enabling organizations to apply patches more quickly and efficiently.
The importance of patch management cannot be overstated. Failure to apply patches promptly can result in data breaches, financial losses, and reputation damage. Here are some of the patch management tips to follow:
- Create a patch management policy
- Implement vulnerability management tools
- Establish testing procedures
- Maintain a schedule for patching software
To effectively implement patch management best practices, it is essential to have a clear understanding of an organization’s software landscape and potential vulnerabilities. The patch management software should be capable of providing comprehensive reporting on the features and functionality of patches, enabling administrators to prioritize patches effectively.
EVERNET Consulting can help any company address their cybersecurity and patch management needs. With our team of experienced cybersecurity professionals, we can provide comprehensive cybersecurity solutions that include vulnerability assessments, security awareness training, and patch management services. By partnering with EVERNET Consulting, companies can ensure that their cybersecurity defenses are effective and up to date, helping to minimize the risk of a security breach.
Let’s schedule a discovery call and see how we can help you work smarter, not harder.
Eric is a Business IT cybersecurity advisor, consultant, manager, integrator, and protector who founded EVERNET in 2007. Eric co-hosts a podcast called “Finance and Technology Insights by Brian & Eric” on YouTube. Eric is a regular contributor to the EVERNET blog, writing about the latest technology news and providing his expertise in cyber security prevention and management.
