- Two iOS flaws have been patched by Apple
- The issues could have allowed hackers to carry out targeted attacks
- Geopolitical tensions have meant a rise in state-sponsored attacks
A new iOS software update has been released to patch two security flaws that, when exploited, allowed cybercriminals to hack specific target devices in an “extremely sophisticated attack”, Apple has confirmed.
The vulnerabilities are in CoreAudio and RPAC, and affected iOS, tvOS, visionOS, and iPadOS – and were discovered by Apple and the Google Threat Analysis Group (TAG).
It’s not yet been confirmed how many times these flaws were deployed, or against whom, but Google TAG’s focus is working to “counter government-backed hacking and attacks against Google and our users,” suggesting the exploits were used by nation-state actors, or at least involved in some way.
Unknown victims
Adam Boynton, Senior Security Strategy Manager EMEIA at Jamf, toldTechRadar Pro the first vulnerability addressed was an “actively exploited CoreMedia flaw that could have allowed malicious code execution through the processing of a media file,” and that Apple has mitigated this by “implementing improved bounds checking.”
The second vulnerability fixed by Apple could allow attackers with read or write access to sidestep Pointer Authentication, which, Boynton told us, is “a security mechanism designed to resist memory disclosure attacks—bypassing it gives an attacker the opportunity to launch attacks and access to parts of the device’s memory.”
“With the security fixes in iOS 18.4.1 addressing two zero-day vulnerabilities, it is essential that all users immediately update their Apple devices,” Boynton.
“The fact that these two vulnerabilities are extremely sophisticated to exploit explains why Apple has only observed attacks against specific, targeted individuals. However, the limited scope of these attacks should not deter users from updating their devices promptly.”
Almost half of UK businesses report an “increasing number” of state-sponsored threat actors in the last 12 months, and elevated geopolitical tensions make for a hostile cybersecurity landscape. Patching known security flaws is a first line of defence for all users, and should be a priority for all security teams.
Leave a comment