Will Strafach, a security researcher, said he had seen no technical analysis of the vulnerabilities that Apple has just patched.

Its spyware is known to have been used in Europe, the Middle East, Africa and Latin America against journalists, dissidents and human rights activists. NSO Group has been blacklisted by the US commerce department.

Commercial spyware companies such as Israel’s NSO Group are known for identifying and taking advantage of such flaws, exploiting them in malware that surreptitiously infects targets’ smartphones, siphons their contents and surveils the targets in real time.

The company says its customers for such weaknesses are “government institutions (mainly from Europe and North America)”. The broker Zerodium, for instance, will pay “up to $500,000” for a security weakness that can be used to hack a user through Safari, and up to $2m for a fully developed piece of malware that can hack an iPhone without a user needing to click on anything. Such weaknesses are hugely valuable on the open market, where cyberweapon brokers will buy them for hundreds of thousands, or millions, of dollars.

Until the fix was released on Wednesday, the vulnerabilities will have been classed as “zero-day” bugs, because there has been a fix available for them for zero days.

Those who should be particularly attentive to updating their software are “people who are in the public eye”, such as activists or journalists who might be the targets of sophisticated nation-state spying, Tobac said.
Rachel Tobac, the CEO of SocialProof Security, said Apple’s explanation of the vulnerability meant a hacker could get “full admin access to the device” so that they can “execute any code as if they are you, the user”. It credited an anonymous researcher or researchers for disclosing both.

Anyone with an iPhone released since 2015, an iPad released since 2014 or a Mac running macOS Monterey can download the update by opening up the settings menu on their mobile device, or choosing “software update” on the “about this Mac” menu on their computer. The other affects WebKit, the underlying technology of the Safari web browser.

For each of the bugs, the company said it was “aware of a report that this issue may have been actively exploited,” though it provided no further details.

- macOS Big Sur 11.7.6 and Monterey 12.6.5 (It's worth noting that the update only addresses CVE-2023-28206.)

One of the software weaknesses affects the kernel, the deepest layer of the operating system that all the devices have in common, Apple said.

- iOS 15.7.5 and iPadOS 15.7.5 - iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation).

The updates are available for the following devices.

Apple Expands Patches to Older Devices

Apple, on April 10, 2023, backported patches for the two actively exploited flaws to include older iPhones, iPads, and Macs.

The development also comes as Google TAG disclosed that commercial spyware vendors are leveraging zero-days in Android and iOS to infect mobile devices with surveillance malware. In February, Apple addressed another actively exploited zero-day (CVE-2023-23529) in WebKit that could result in arbitrary code execution.
- Macs running macOS Big Sur, Monterey, and Ventura

Apple has patched three zero-days since the start of the year.

- iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.

The fixes also span a wide range of devices. The updates are available in version iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1, and Safari 16.4.1. Credited with discovering and reporting the flaws are Clément Lecigne of Google's Threat Analysis Group (TAG) and Donncha Ó Cearbhaill of Amnesty International's Security Lab.

Details about the two vulnerabilities have been withheld in light of active exploitation and to prevent more threat actors from abusing them.