CVE-2024-23225 & CVE-2024-23296: Apple Patches Actively Exploited 0-Day Flaws

CVE-2024-23225 & CVE-2024-23296

iPhone and iPad users, a major security alert has been issued. Apple recently pushed out emergency patches to fix two zero-day vulnerabilities (CVE-2024-23225 and CVE-2024-23296) that are already under attack. Hackers were actively using these flaws to gain control of devices – so updating immediately is crucial.

CVE-2024-23225 & CVE-2024-23296

What are zero-day vulnerabilities?

Zero-day vulnerabilities are the most dangerous kind of software bugs. Developers have no idea they exist until attackers strike, so there’s zero time to create a solution beforehand. The fact that Apple issued emergency patches means these vulnerabilities were particularly severe and actively being used in the wild.

What was the threat?

The vulnerabilities, cataloged under CVE-2024-23225 and CVE-2024-23296, are particularly alarming due to their nature and the methods by which attackers could exploit them. The first of these bugs is ensconced within the very core of Apple’s operating system, the kernel, which is the bedrock upon which all iOS and iPadOS functionalities are built. This flaw could potentially allow an attacker to sidestep signature validations through the deployment of malicious apps, posing an insidious threat to system integrity and user data privacy.

The second vulnerability resides in the RTKit, an essential component of Apple’s software ecosystem, tasked with real-time operations on iOS and iPadOS devices. It allowed malicious websites or seemingly harmless apps to inject and run harmful code on your iPhone or iPad. It’s the equivalent of a hidden backdoor that attackers could use to break in.

An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited,” the company revealed in security advisories describing the security flaws.

The Damage They Could Cause

These are not run-of-the-mill bugs. Attackers could potentially:

  • Install malware or spyware on your device
  • Steal private information like passwords, photos, and messages
  • Access sensitive features like your camera or microphone

What Apple Did

Apple patched these holes in iOS 17.4, iPadOS 17.4, iOS 16.7.6, and iPadOS 16.7.6. The fixes include tougher checks to stop malicious software from wiggling in.

Affected Devices

A wide range of iPhones and iPads are affected, including older models. If you own any of these, you’re vulnerable:

  • iPhone XS and newer
  • Almost all iPad Pro models
  • iPad Air (3rd generation and newer)
  • iPad (6th generation and newer)
  • iPad mini (5th generation and newer)

What To Do: Update Right Now!

  1. Go to Settings -> General -> Software Update
  2. Download and install the latest available update