It took just 15 seconds to hack the newest, greatest, shiniest iPhone 13 Pro on stage at the Tianfu Cup in October, using a now-patched iOS bug.
As if the Log4Shell hellscape weren't already driving most people up the wall, it's time to update to iOS 15.2 and patch a crop of other Apple devices, lest your iPhone get taken over by a malicious app that executes arbitrary code with kernel privileges.
To paraphrase one mobile security expert, the iOS 15.2 and iPadOS 15.2 update – released by Apple on Monday along with updates for macOS, tvOS and watchOS – is as hairy as a Lhasa Apso.
"If log4j wasn't enough, iOS 15.2 is out and it's wild," tweeted Zuk Avraham, CEO at ZecOps, which markets a tool for mobile device log analysis. "Many remote and local vulnerabilities. If you care about your iPhone/iPad security you should update soon."
Apple's security updates cover many vulnerabilities, including a remote jailbreak exploit chain and a number of critical issues in the kernel and the Safari web browser that were first disclosed two months ago at the International Cyber Security Contest Tianfu Cup in China. That's where the shiniest new iPhone – the iPhone 13 Pro running the then-latest and fully patched iOS 15.0.2 – was clobbered in record time, twice.
One hack was performed live, on stage, using a remote code execution (RCE) exploit against the mobile Safari web browser. It was unleashed by a team from Kunlun Lab and succeeded in a few eyeblinks: 15 seconds, to be specific.
Tracked as CVE-2021-30955, the kernel issue that Kunlun Lab picked apart could have allowed a malicious application to execute arbitrary code with kernel privileges. Apple said it was a race condition that was addressed with "improved state handling."
"The kernel bug CVE-2021-30955 is the one we tried [to] use to build our remote jailbreak chain but failed to complete on time," Kunlun Lab's chief executive, @mj0011sec, said in a tweet. It also affects macOS, according to @mj0011sec, who is also the former CTO of Qihoo 360.
Where Kunlun Lab fell short, Team Pangu succeeded, managing to remotely jailbreak the iPhone 13 Pro at the Tianfu Cup, marking the first time the iPhone 13 Pro was publicly jailbroken at a cybersecurity event. The achievement netted the team $330,000 in cash rewards.
Here's the full list of Apple's security updates from Monday:
- macOS Monterey 12.1
- macOS Big Sur 11.6.2
- Security Update 2021-008 Catalina
- iOS 15.2 and iPadOS 15.2
- tvOS 15.2
- watchOS 8.3
More Fixed Bugs
In addition to the kernel flaw tied to the remote jailbreak chain at the Tianfu Cup – CVE-2021-30955, credited to Zweig of Kunlun Lab – Apple patched a total of five flaws in Kernel and four in IOMobileFrameBuffer, a kernel extension that manages the display framebuffer, the region of RAM holding the bitmap that drives the screen. Note that all of the kernel and IOMobileFrameBuffer bugs below require an attacker to already be running code on the device (a malicious app or a prior browser exploit); they are privilege-escalation primitives, not entry points on their own, which is exactly why they matter in an exploit chain.
Here are the relevant updates:
- CVE-2021-30927 and CVE-2021-30980: A use-after-free issue that could allow a malicious application to run arbitrary code with kernel privileges.
- CVE-2021-30937: A memory corruption vulnerability that could allow a malicious application to run arbitrary code with kernel privileges.
- CVE-2021-30949: A memory corruption issue that could allow a malicious application to run arbitrary code with kernel privileges.
- CVE-2021-30993: A buffer overflow issue that could allow an attacker in a privileged network position to execute arbitrary code.
- CVE-2021-30983: A buffer overflow issue that could allow an application to run arbitrary code with kernel privileges.
- CVE-2021-30985: An out-of-bounds write issue that could allow a malicious application to run arbitrary code with kernel privileges.
- CVE-2021-30991: An out-of-bounds read issue that could allow a malicious application to run arbitrary code with kernel privileges.
- CVE-2021-30996: A race condition that could allow a malicious application to run arbitrary code with kernel privileges.
Nothing Quite Like Aged Cheese, Wine and Software
Miclain Keffeler, application security consultant at application security provider nVisium, told Threatpost on Tuesday that those "wild," now-patched iOS 15.2 flaws "highlight why the security industry recommends staying on the N-1 or even the N-2 latest version of software patches."
He noted that security practitioners "often look at new versions of libraries and operating systems as the latest and greatest, but that often comes at the cost of unknown and new attack vectors."
As such, we need to let time – and security testers – dictate the right cadence to run updates, he continued. "The individual CVEs – which have now been patched – affected very core services, meaning that short of taking your iOS or Mac device off of the internet, the only prevention is our weakest security protection: people."
This string of vulnerabilities "only strengthens the security team's resolve that security is everyone's job," he continued. "Users need to practice good web hygiene as they go about their days by only downloading applications which are trusted, as well as browsing websites that they know are reputable and safe."
Some parts of this article are sourced from:
threatpost.com