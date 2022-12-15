Apple into these days has updated the operating systems on its devices, namely security patches for iOS, iPadOS, macOS, tvOS and the Safari web browser, all to address a new zero-day vulnerability that could lead to malicious code execution.

Reported as CVE-2022-42856the problem was described by the tech giant as “confusing” in the browser engine WebKit which could be triggered while processing specially crafted content, leading to the execution of malicious code.

Apple hasn’t always been all rosy as many often want to believe, but that’s another story.

Before continuing, for the uninitiated: lo zero day it is not that, quoting Wikipedia: “any computer security vulnerability not expressly known to the developer or the company that produced a given computer system; it also defines the program – called “exploit” – which exploits this IT vulnerability to allow even partial execution of actions not normally permitted by whoever designed the system in question.”

Does this mean that Apple itself was not aware of this?

The company said it was “I am aware of a report that this issue may have been actively exploited on iOS versions released prior to iOS 15.1“.

While details on the exact nature of the attacks are still unknown, it is likely to be a case of social engineering (aka “the art of deception” so to speak) or a particular method of infecting devices when visiting a more or less legitimate domain but compromised via the browser mentioned earlier (WebKit).

It is worth noting that all third-party web browsers available for iOS and iPadOS, including Google Chrome, Mozilla Firefox and Microsoft Edge and others, must use the WebKit rendering engine due to restrictions imposed by Apple.

Credit for discovering and reporting the problem goes to Clément Lecigne del Threat Analysis Group (TAGs) by Google. Apple later said it was able to work around the bug with an improvement to state management.

Have the updates fixed the problem or is it in the process of being fixed then?

The update, available with iOS 15.7.2, iPadOS 15.7.2, macOS Ventura 13.1, tvOS 16.2 And Safari 16.2comes two weeks after the honeydew company fixed the same bug in iOS 16.1.2 on November 30, 2022.

Basically, it can be said that if in some versions of their operating systems it is now resolved, on others it is still being resolved within a short time.

The fix marks the resolution of the tenth zero-day vulnerability discovered in Apple software since the beginning of the year. It is also the ninth zero-day flaw being actively exploited by bad actors in 2022; below is the list of the other nine problems (fortunately resolved later) that Apple had had since the beginning of the year:

CVE-2022-22587 (IOMobileFrameBuffer): a malicious application may be able to execute potentially malicious code by exploiting and accessing kernel privileges;

CVE-2022-22594 (WebKit storage), a website may be able to track sensitive user information (publicly known but not actively exploited);

CVE-2022-22620 (WebKit), a type of processing of dangerous web content that can lead to the execution of potentially harmful code;

CVE-2022-22674 (Intel Graphics Driver), an application may even be able to read kernel memory (cache);

CVE-2022-22675 (AppleAVD), an application that may be able to execute potentially malicious code with kernel privileges;

CVE-2022-32893 (WebKit), another type of malicious web content that can lead to the execution of potentially malicious code;

CVE-2022-32894 (Kernel), another application may be able to execute potentially malicious code with kernel privileges;

CVE-2022-32917 (Kernel), another application (yet) that may be able to execute potentially malicious code that exploits kernel privileges;

CVE-2022-42827 (Kernel), as above yet another application that could run malicious code with kernel privileges.

The latest updates of iOS, iPadOS And macOS they also introduce a new security feature called Advanced Data Protection for iCloud which expands end-to-end (E2EE) encryption to ‌iCloud‌ Backup, Notes, Photos and more.