Overview of Apple’s Rapid Security Response Update
Last Thursday, Apple released a Rapid Security Response update. Rapid Security Responses are a relatively new type of software release that exists to “deliver important security improvements between software updates.” So, now users get security fixes more frequently to mitigate security risks in real-time.
Apple’s first rapid alert fixes two actively exploited zero-day vulnerabilities in Apple Webkit. Two of the bugs, CVE-2023-28204 and CVE-2023-32373, were reported to the tech company by an anonymous researcher. These flaws can lead to sensitive information disclosure and arbitrary code execution if an attacker tricks a victim into processing specially crafted web content. In other words, first, an attacker must lure their target to a malicious site. Then, once initiated, the attacker gains access to the victim’s device and files and can run other malicious programs to steal their data.
Devices Affected by Apple’s Rapid Security Response Updates
Apple’s security advisory shares that it patched the vulnerabilities with its first Rapid Security Response updates, specifically affecting iOS 16.4.1(a), iPad 16.4.1(a), and macOS 13.3.1(a). The newest updates, iOS 16.5 and iPad 16.5, fix CVE-2023-28204 and CVE-2023-32373, as well as CVE-2023-32409. The latter is a WebKit zero-day, which attackers exploit to escape the Web Content sandbox.
CVE-2023-32409 was reported to Apple by Google’s Threat Analysis Group and Amnesty International. The group’s work indicates that the vulnerability was most likely already exploited by the products of a commercial spyware vendor.
The updates also resolve exploited WebKit vulnerabilities in Apple TV, Apple Watch, and Safari. As for the latest macOS Ventura update, three zero-day bugs and almost 50 other vulnerabilities have been fixed. Many could have led to sensitive information disclosure, arbitrary code execution, DoS attacks, a security feature bypass, and privilege escalation.
Summary of Apple’s Rapid Security Response Updates
Fortunately, Apple’s latest Rapid Security Response update patches over thirty additional vulnerabilities. Several which lead to security bypass, sandbox escape, arbitrary code, exposure of location and other user data, privilege escalation, termination of an application, recovery of deleted photos, retaining access to system configuration files, contact information exposure from the lock screen, and modifications of protected parts of the file system. The length of this list increases the criticality of updating your Apple device to the latest version if you have not done so already.
How to Prevent Exploitation of Apple Device Vulnerabilities
It is always essential to install new updates for your devices upon release. This is especially true for Rapid Security Response updates. That said, turning on automatic updates is an excellent way to stay on top of it. This way, updates can be installed automatically without manual effort while you sleep.
Steps to Update Your Apple Devices
How to Set Automatic Updates on an iPhone or iPad
Go to Settings > General > Software Update > Automatic Updates, then turn on “Security Responses & System Files.”
How to Set Automatic Updates on a Mac
Choose Apple menu > System Settings. Click General in the sidebar, then click Software Update on the right. Click the Show Details button next to Automatic Updates. Then turn on “Install Security Responses and system files.”
Managed Cybersecurity Services to Secure Your Organization
If your organization needs help managing device security or its overall security posture, contact us about our managed security services today. We specialize in cybersecurity and risk management services for small to medium-sized businesses and public entities across New York State. As a leading provider of IT security solutions in the area, we provide exceptional support, customizable solutions, and the assurance of a trusted technology partner.
Sources
https://www.securityweek.com/apple-patches-3-exploited-webkit-zero-day-vulnerabilities/
https://www.securityweek.com/apple-patches-actively-exploited-webkit-zero-day-vulnerability/
https://support.apple.com/en-us/HT201224 – Apple’s Update on Rapid Security Response Update