Apple Extends Zero-Day Patch to Older Macs, Urges Immediate Update
Apple has expanded its security efforts by backporting a critical zero-day patch to older Mac models running macOS Monterey 12.7.6. The vulnerability, tracked as CVE-2024-23296, was previously addressed in March for newer devices but is now confirmed to have been actively exploited in the wild.
The zero-day flaw stems from a memory corruption issue within Apple’s RTKit real-time operating system. This vulnerability could allow attackers to bypass kernel memory protections, granting them unauthorized read and write access to the kernel. Such access could lead to the execution of arbitrary code and complete compromise of the affected device.
While Apple has remained tight-lipped about the specifics of the attacks exploiting this vulnerability, macOS zero-days are often associated with targeted campaigns by state-sponsored actors. These campaigns typically focus on high-profile individuals such as journalists, dissidents, and political figures.
In security advisories published today, Apple reiterated its awareness of reports indicating that this vulnerability “may have been exploited.” While the company has not yet attributed the discovery of CVE-2024-23296 to any specific security researcher or provided details on the nature of the attacks, it is evident that the flaw has posed a significant threat.
The Cybersecurity and Infrastructure Security Agency (CISA) had already added this flaw to its Known Exploited Vulnerabilities (KEV) catalog in March, underscoring the urgency and severity of the issue.
Even though this vulnerability was likely used in limited, targeted attacks, all users of older Mac models are strongly advised to install the macOS Monterey 12.7.6 update immediately. This update includes crucial security improvements to mitigate the risk of exploitation.