What You Need to Know:
In response to attacks aimed at hacking iPhones, iPads, and Macs, Apple issued urgent security updates that address two vulnerabilities, one of which is a zero-day vulnerability.
The first vulnerability, tracked as CVE-2023-23529 [1,2], is a WebKit confusion zero-day that can lead to OS crashes and the execution of arbitrary code on compromised devices. This vulnerability can be exploited by opening a malicious web page and affects versions of iOS, iPadOS, and macOS, including Safari 16.3.1. The WebKit vulnerability is being exploited in the wild, but it is not clear as to how the vulnerability is being exploited in attacks. WebKit flaws impact every third-party web browser that is available for iOS and iPadOS due to Apple’s restrictions that require browser vendors to use the same rendering framework.
The second vulnerability is tracked as CVE-2023-23514 and is a kernel use after free flaw that can also result in the execution of arbitrary code with kernel privileges on Macs and iPhones. This vulnerability could allow a rogue app to execute arbitrary code with the highest privileges.
To minimize potential risks, it is recommended that users update to iOS 16.3.1, iPadOS 16.3.1, macOS Ventura 13.2.1, and Safari 16.3.1. Updates are available for iPhone 8 and newer, iPad Pro (all versions), iPad Air 3rd generation and newer, iPad 5th generation and newer, and iPad mini 5th generation and newer. Additionally, the updates are available for Macs that are operating on macOS Ventura, macOS Big Sur, and macOS Monterey.
- For guidance regarding iOS 16.3.1 and iPadOS 16.3.1 please see Apple’s advisory.
- For guidance regarding macOS Ventura 13.2.1 please see Apple’s advisory.
Indicators of Compromise (IoCs):
At this time, there are no known IoCs associated with CVE-2023-23514 and CVE-2023-23529
- Patch Now: Apple’s iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw (thehackernews.com)
- Apple fixes new WebKit zero-day exploited to hack iPhones, Macs (bleepingcomputer.com)
- About the security content of macOS Ventura 13.2.1 – Apple Support
- About the security content of iOS 16.3.1 and iPadOS 16.3.1 – Apple Support
If you have any questions about this vulnerability or your information security needs, please contact us directly at 774-204-0700.