Get in Touch
Memory Corruption Zero-Day Patched by Apple
Overview
Apple has released security updates to fix two zero-day vulnerabilities. One which was publicly disclosed, and the other was discovered being exploited in the wild.
One vulnerability relates to a memory corruption bug in the IOMobileFrameBuffer that affects iOS, iPadOS, and macOS Monterey, while the second is a real-time tracking vulnerability in the Safari WebKit on iOS and iPadOS.
Impact
Successful exploitation of this bug leads to arbitrary code execution with kernel privileges on compromised devices. The second zero-day vulnerability is a Safari WebKit bug in iOS and iPadOS that allows websites to track your browsing activity and users’ identities in real-time.
Products Affected
– iPhone 6s and later
– iPad Pro (all models)
– iPad Air 2 and later
– iPad 5th generation and later
– iPad mini 4 and later
– iPod touch (7th generation)
– macOS Monterey
Containment, Mitigations & Remediation
Apply updates on relevant devices shown in affected products.
Indicators of Compromise
There are currently no IOCs
Threat Landscape
These bugs are the first zero-day vulnerabilities fixed by Apple in 2022.
Apple device users appear to be vulnerable to a significant browser privacy flaw. According to 9to5Mac, FingerprintJS has disclosed an exploit that lets attackers obtain your recent browser history, and even some Google account info. iOS and macOS users should apply the updates to mitigate this Safari vulnerability as soon as they can.
Mitre Methodologies
T1055.009 – Process Injection: Proc Memory
DS0008 – Kernel
T1176 – Browser Extensions
Further Information
Safari exploit can leak browser histories and Google account info
Apple fixes array of iOS, macOS zero-days and code execution security flaws