- Two iOS defects were corrected by Apple
- The problems could have allowed hackers to carry out targeted attacks
- Geopolitical tensions have led to an increase in state-sponsored attacks
A new iOS software update has been published to correct two security defects which, when exploited, allowed cybercriminals to hack specific targeted devices in an “extremely sophisticated attack”, Apple confirmed.
The vulnerabilities are in CoreAudio and RPAC, and affected iOS, tvOS, visionOS and iPadOS. They were discovered by Apple and the Google Threat Analysis Group (TAG).
It has not yet been confirmed how many times these flaws have been exploited, nor against whom, but Google TAG works to “counter government-backed hacking and attacks against Google and our users”, suggesting that the exploits were used by nation-state actors, or that such actors were at least involved in some way.
Unknown victims
Adam Boynton, principal director of EMEIA security strategy at Jamf, told TechRadar Pro that the first vulnerability addressed was an “actively exploited CoreMedia defect which could have enabled the execution of malicious code by processing a multimedia file” and that Apple mitigated it by “implementing improved bounds checking”.
The second vulnerability fixed by Apple could allow attackers with read or write access to sidestep Pointer Authentication, which, said Boynton, is “a safety mechanism designed to withstand memory disclosure attacks – which would have given an attacker the possibility of launching attacks and accessing parts of the memory”.
“With security fixes in iOS 18.4.1 addressing two zero-day vulnerabilities, it is essential that all users update their Apple devices immediately,” Boynton said.
“The fact that these two vulnerabilities are extremely sophisticated to exploit explains why Apple observed attacks only against specific targeted individuals. However, the limited scope of these attacks should not dissuade users from quickly updating their devices.”
Almost half of British companies report a “growing number” of state-sponsored actors in the past 12 months, and high geopolitical tensions make for a hostile cybersecurity landscape. Applying the known security fix is a first line of defense for all users and should be a priority for all security teams.