Apple’s New Zero-Day Fixed: iPhone and Mac Under Attack
Apple is one of the most popular companies in the world. Aside from delivering high-end devices, individuals mostly use its products for their security. However, even the almighty company can slip sometimes, and Apple did indeed slip as it reported new zero-day vulnerabilities – one of them exploited in attacks.
The vulnerabilities concern users operating iPhones, Macs, and iPads, which can be very concerning since these flaws can be used to perform all sorts of malicious activities.
Apple has been having a very bad 2023 in terms of security flaws affecting its products. But what about this one? How can CVE-2023-38606 affect Apple users? Find out below.
Apple’s New Flaws – Eleven and Counting
When we speak of secure devices, Apple directly comes to mind. There’s no doubt about how safe the company’s devices are.
While the implemented security measures can cause inconvenience, such as the inability to download content from untrusted sources, users are well-protected and secure.
Unfortunately, despite all these procedures, vulnerabilities have become pretty common among iOS and Mac devices.
In fact, Apple doesn’t seem to be having a good 2023 so far in terms of security flaws. The following are some of the vulnerabilities addressed by Apple in the past couple of months:
- Three Vulnerabilities in May: CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373.
- Two Vulnerabilities in April: CVE-2023-28206 and CVE-2023-28205
This time around, the company addressed that new vulnerabilities are at large. However, one has been exploring in the wild against iOS versions released before iOS 15.7.1.
“Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.”
According to Kaspersky GReAT lead security researcher Boris Larin, the exploited vulnerability (CVE-2023-38606) can lead to deploying Triangulation spyware.
The vulnerabilities have been dealt with. Apple released the necessary patches to fix them, and they cover the following operating systems:
The updates are available for the following devices and operating systems:
- iOS 15.7.8 and iPadOS 15.7.8 – iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation).
- macOS Ventura 13.5, macOS Monterey 12.6.8, and macOS Big Sur 11.7.9.
- tvOS 16.6 – Apple TV 4K (all models) and Apple TV HD.
- iOS 16.6 and iPad 16.6 – iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
- watchOS 9.6 – Apple Watch Series 4 and later.
If you use any of the aforementioned OS, make sure to update your device immediately. That way, you’ll ensure that your device is safe.
More Apple Zero-Day Vulnerabilities – Update Now
As we mentioned, 2023 hasn’t been treating Apple very well. As of now, Apple has patched 11 zero-day flaws exploited by attackers in the wild.
The latest patches our out; you should immediately install them on your device to avoid any future predicament.
As for those who don’t update their phones regularly, software updates are released to patch previous vulnerabilities. If you don’t implement them, you’ll fall victim to all sorts of malicious activities.