Threat Watch

Apple Safari RCE Vulnerability

The Safari browser from Apple contains a Remote Code Execution (RCE) vulnerability in its Webkit Feature. An attacker could use this vulnerability to trigger a use-after-free condition in the WebCore, the DOM-rendering system for Webkit. This would allow any attacker to execute code on the machines they are targeting. Fort this vulnerability to work, the victim would have to visit a malicious website first. This vulnerability is tracked as CVE-2020-9951.

ANALYST NOTES

This vulnerability received a score of 8.8, which makes it important that the patch for it be implemented immediately. Safari is generally regarded as not being the most secure browser, having seen many issues and vulnerabilities in the past. Often times, threat actors will get people to visit a site that would trigger the vulnerability through a phishing email. Any time a suspicious email asks someone to go to a website, they should be cautious and not click the link unless they are confident it is safe to do so. Companies should also implement web filtering that prevents employees from visiting sites that have been identified as malicious. Only known and trusted websites should be visited to prevent an attacker into tricking a user to visit an exploit page or phishing landing page that steals passwords using fake login pages.

More can be read here: https://blog.talosintelligence.com/2020/09/vuln-spotlight-apple-safari-sept-2020.html