Share this article on:
Apple has rushed to patch a trio of vulnerabilities affecting its iOS-based devices.
The Cupertino-based company launched one kernel patch and two WebKit patches.
The kernel patch addressed an integer overflow issue that could lead to an app being able to execute arbitrary code. One WebKit patch fixed a type confusion vulnerability that could lead to a website also executing arbitrary code, while the second WebKit fix was a memory corruption issue, which could lead to code execution.
Affected devices include iPhone 6s, iPhone 7, iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation).
The patches address a malware campaign first reported by Russian security firm Kaspersky. At the time, both the company and the Russian government strongly implied that Apple was working with the US National Security Agency to effectively bug iOS devices with malware. Kaspersky has now, in fact, assisted Apple with some of its patches after six months of research into the exploits.
“The implant,” Kaspersky said in a blog post, “which we dubbed TriangleDB, is deployed after the attackers obtain root privileges on the target iOS device by exploiting a kernel vulnerability. It is deployed in memory, meaning that all traces of the implant are lost when the device gets rebooted.”
In the case of a reboot, a malicious attachment can then be sent via iMessage, which restarts the exploitation chain.
Apple has a reputation for excellent security on its devices, thanks to its “walled garden” approach, but the rise of GoLang-based malware and its continued use could be a threat, at least to MacOS devices.
However, some experts are praising Apple for the speed of their response.
“Apple has a great track record when it comes to addressing critical vulnerabilities in its software quickly to help its users stay protected,” Ray Kelly, principal security engineer at Synopsys, told Cyber Security Connect via email. “This is critically important since Apple users do not have a way to protect themselves from malicious websites that may be actively exploiting in the wild, like this specific WebKit vulnerability.”
“Security-focused updates like this really stress the importance of enabling automatic iOS updates to ensure you have the latest software that keeps your device safe. However, since some users choose to disable these automatic updates, malicious actors will always have a vast amount of vulnerable targets.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.