Apple has urgently released security updates to address a recent zero-day vulnerability that hackers exploited to breach iPhones, iPads, and Macs. The vulnerability, tracked as CVE-2023-23529 [1, 2], arises from a WebKit confusion issue. It allowed hackers to cause OS crashes and, ultimately, to execute code on the compromised devices. As of today, Apple has resolved this zero-day vulnerability through the release of the patch.
Apple warns that attackers can exploit the bug via a malicious web page to execute arbitrary code on vulnerable versions of iOS, iPadOS, and macOS. This vulnerability also impacts Safari 16.3.1 on macOS Big Sur and Monterey. According to Apple, “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.”
To address CVE-2023-23529, Apple has implemented improved checks in iOS 16.3.1, iPadOS 16.3.1, and macOS Ventura 13.2.1. The bug affects both older and newer models: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later, as well as Macs running macOS Ventura.
Apple has also patched a kernel use-after-free flaw (CVE-2023-23514) that was reported by Xinru Chi of Pangu Lab and Ned Williamson of Google Project Zero. That flaw could result in arbitrary code execution with kernel privileges on Macs and iPhones.
Swift Action: Apple’s First Zero-Day Patch of the Year
Apple has acknowledged its awareness of reports regarding active exploitation in the wild, but the company has not yet disclosed any information about these attacks. This decision is likely aimed at giving users sufficient time to update their devices before potential attackers obtain the specific details of the zero-day vulnerability and develop their own custom exploits to target vulnerable iPhones, iPads, and Macs.
Although the zero-day bug is believed to have been used primarily in targeted attacks rather than widespread campaigns, it is highly recommended to promptly install today’s emergency updates to thwart potential attack attempts.