Yesterday, we published information about Apple’s iOS 16.4.1 release, wondering why Apple had rushed to release an update for seemingly minor issues unless there were significant security problems undisclosed at the time.
It turns out the speculation was correct. With iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1, and Safari 16.4.1, Apple has addressed two critical security vulnerabilities that were exploited in the wild.
The first vulnerability, CVE-2023-28205, is a use-after-free in the WebKit browser engine. When freed memory is reused, attackers can corrupt data and execute arbitrary code.
To exploit this vulnerability, attackers can craft malicious web pages and lure targeted users into visiting them, potentially leading to code execution on the targeted devices, which poses a high level of risk.
The second vulnerability, CVE-2023-28206, is an out-of-bounds write in IOSurfaceAccelerator, which may cause data corruption, crashes, or code execution.
To exploit this vulnerability, attackers can create malicious applications and entice targeted users into installing them. The applications can then execute arbitrary code with kernel-level privileges, which poses an extremely high risk.
According to Apple, both vulnerabilities were exploited by attackers in the wild before being discovered, making them zero-days. Affected devices span a wide range of products: iPhone 8 and later, all iPad Pro models, iPad Air (3rd generation and later), iPad (5th generation and later), iPad mini (5th generation and later), and all Macs running macOS Ventura.
In light of the severe risks posed by these vulnerabilities, Apple has issued an emergency update to address them. Users of the aforementioned devices and operating systems are strongly advised to update to the latest version immediately. These vulnerabilities bring the number of zero-days fixed by Apple this year to three.