Apple Releases Urgent Patch to Fix Zero-Day Under Active Exploitation
Last updated September 23, 2021
Apple has learned of another batch of zero-days that are under active exploitation in the wild, all of them in WebKit, Safari’s browser engine. The fixes arrive through iOS 14.5.1, iOS 12.5.3, iPadOS 14.5.1, macOS Big Sur 11.3.1, and watchOS 7.4.1.
Users of Apple devices that run the aforementioned operating systems are therefore advised to apply the available patch immediately and close the door on exploitation. In all cases, the exploits can be triggered by merely visiting a malicious (but seemingly innocuous) website, so the compromise happens silently and without any user interaction.
The full list of the flaws and their impact is the following:
All of these flaws are being actively exploited in the wild, targeting mostly users of the iPhone. We have seen the same WebKit zero-day trouble on iOS 14.4 in March 2021, in an earlier version of the same branch in January 2021, and on iOS 14.2 in November 2020. WebKit zero-days appear to be the biggest source of headaches for Apple, and the most valuable target for malicious actors, exploit developers, and exploit sellers.
As always, Apple hasn’t elaborated much on the exploitation aspect, not giving away details like who engaged against whom, the scale of the exploitation, the number of potentially affected users, attack themes, IoCs, websites used, etc. This is unfortunate, but it is Apple’s typical approach to the matter, so we’ll have to accept it and just apply the patches as they come.