Last night, Apple released security updates that fix two actively exploited iOS zero-day vulnerabilities in the WebKit engine, which attackers have used to exploit a multitude of Apple devices. “Apple is aware of a report that this issue may have been actively exploited,” the company said in multiple security advisories published on May 3rd.

WebKit is Apple’s browser rendering engine. It is required by all mobile web browsers in iOS and by other applications that render HTML, such as Apple Mail and the App Store. The vulnerabilities are tracked as CVE-2021-30665 and CVE-2021-30663, both of which could allow arbitrary remote code execution (RCE) on unpatched devices simply by visiting a malicious website. RCE vulnerabilities are considered the most dangerous, as they allow attackers to target vulnerable devices and execute commands on them remotely.

CVE-2021-30665 was discovered by Yang Kang, zerokeeper, and Bian Liang of Qihoo 360 ATA, while CVE-2021-30663 was reported to Apple by a researcher who wishes to remain anonymous.

The vulnerable devices are iPhone 6s or later, all iPad Pro models, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch 7th generation, as well as macOS Big Sur and Apple Watch Series 3 and later. Apple addressed the zero-days in the iOS 14.5.1, iOS 12.5.3, macOS Big Sur 11.3.1, and watchOS 7.4.1 updates.

This update also resolved a bug that prevented users from seeing App Tracking Transparency prompts within apps. “This update fixes an issue with App Tracking Transparency where some users who previously disabled Allow Apps to Request to Track in Settings may not receive prompts from apps after re-enabling it,” stated Apple in their iOS 14.5.1 release notes.

Apple has been dealing with a stream of actively exploited zero-day vulnerabilities lately, with one fixed last month and numerous other vulnerabilities fixed in the previous months.