
Apple's exposure to serious security flaws is equivalent to giving hackers a master key?

  • joy
  • 2022-08-29 14:54:09

  The iPhone 14 is about to be released, and 0day-level vulnerabilities (in the cybersecurity world, 0day usually refers to unpatched exploits) are hanging over Apple's head.

  Recently, serious security vulnerabilities were disclosed in Apple's mobile phones, tablets, computers and other hardware products. These vulnerabilities can allow hackers to easily obtain "full administrative rights" on a device and run any software in the user's name. At present, Apple has not disclosed more details of the vulnerability, only that it was discovered by an anonymous researcher.

  "The 0day-level vulnerability is a vulnerability that has just been discovered and has not been disclosed yet, and it is a great threat." Ran Ran, a member of the network sharp knife security team of the civil Internet security organization, told the reporter of "China Business Daily" that, given that Apple itself pays great attention to security vulnerabilities, it is "relatively rare" for it to have a 0day-level vulnerability, but the vulnerability is not at the ceiling level. It is recommended that Apple users upgrade the system in time.

  People from 360 Vulnerability Research Institute also told reporters that the vulnerability has a very wide-ranging impact, affecting almost all Apple devices, such as iPhone, iPad and Mac, but "from the perspective of historical attack events, attacks against Apple devices are mainly concentrated in specific Therefore, for ordinary users, it is not necessary to be too nervous; update the system in time and do not click on unknown links at will."

  Regarding whether this vulnerability has been exploited, caused losses, and how to deal with similar vulnerabilities in the future, the reporter contacted Apple China, but has not received a reply as of press time. However, Apple has publicly claimed to have found a corresponding solution, and called on users to download the latest update immediately to patch the vulnerability.

  Vulnerability has been exploited

  It is understood that the devices affected by this vulnerability cover Apple's "three-piece set" of mobile phones, tablets and computers: mobile phones include the iPhone 6S and later models; tablets include fifth-generation and later iPads, all iPad Pros and the iPad Air 2; computers include Macs running macOS Monterey. In addition, the vulnerability can also affect some models of iPod.

  "From the public information, we can see that the vulnerability mainly exploits the Apple WebKit code execution vulnerability (CVE-2022-32893) and the Apple Kernel privilege escalation vulnerability (CVE-2022-32894)." Leng Lun said that Apple WebKit is a browser engine used in Safari, Mail, App Store, iOS and Linux, and that Apple WebKit may lead to arbitrary code execution when processing maliciously crafted web content. In short, the Apple kernel has a local privilege escalation vulnerability: "Through out-of-bounds read and write, a successful exploitation of this vulnerability could escalate local user privileges to kernel privileges and execute arbitrary code with kernel privileges."

  It should be pointed out that CVE refers to Common Vulnerabilities and Exposures. Regarding the analysis of the vulnerability, Zhang Xiaorong, president of Deepin Science and Technology Research Institute, vividly called it equivalent to giving the hacker a master key, which can be used to access the user's terminal at any time.

  Luren also said that at present, several security teams in China have discovered that the vulnerability has been exploited, that is, external attack organizations are using this type of vulnerability. "At present, according to the feedback from major security vendors, (the vulnerability) has not spread widely, and the details of the vulnerability have not been made public," he said.

  In a security update it released, Apple said the vulnerability could have been exploited for attacks. "This is what we call a zero-day vulnerability, or a vulnerability that has been exploited by hackers before companies have discovered and been able to respond," said Jamie Collier, Advanced Threat Intelligence Consultant at Mandiant.

  In the opinion of the aforementioned 360 Vulnerability Research Institute, although Apple used the word "possible" in the statement, the results and logic have already shown that the vulnerability has been "exploited". This time Apple not only fixed these two vulnerabilities but also introduced new safeguards against the attack methods, making it harder to attack similar vulnerabilities.

  The security test remains

  Zhang Xiaorong pointed out that although Apple devices have far fewer system vulnerabilities than Windows, with the growth in Apple users, Apple systems have increasingly become a target for hackers, and the problem of security vulnerabilities has become more and more serious. In fact, there have been many major vulnerabilities in Apple's history.

  "For example, the Trident vulnerability in 2016, similar to the vulnerability fixed this time, also used the browser that comes with the Apple device as the attack entry point. You only need to click the malicious link to attack the kernel and take over the device. There is also the FORCEDENTRY vulnerability in 2021. This should be the most influential vulnerability in Apple's history, because the victim does not need any clicks; the attacker only needs to send iMessage information to the victim's mobile phone to complete the attack," the aforementioned 360 Vulnerability Research Institute said.

  There is an argument that a hacker could exploit this vulnerability to compromise a user's iPhone without the user having to click any links. In this regard, the aforementioned 360 Vulnerability Research Institute pointed out that if hackers want to use this vulnerability to invade Apple devices, the victim still needs to click the link, "because from this Apple security announcement, Apple has fixed these two vulnerabilities: one is a browser vulnerability, and the second is a kernel vulnerability. These two vulnerabilities form a complete attack chain. The victim only needs to click the malicious link sent by the hacker, and the hacker can take over the Apple device."

  Rendezvous thinks that interaction is required. "Unless it is in the same local area network, the attacker uses a specific hijacking method to tamper with a normal website such as Baidu into a vulnerability EXP, so that users can directly trigger the vulnerability as long as they visit Baidu." He pointed out that the attack methods by which hackers could exploit this vulnerability include spreading within a local area network, such as using ARP (Address Resolution Protocol) spoofing under the same WiFi to implant this vulnerability, or getting users to click on links carrying the vulnerability through phishing methods such as emails and text messages.

  The reporter noticed that on August 17 and 18, Apple China officially released system updates, including iOS 15.6.1, iPadOS 15.6.1, macOS Monterey 12.5.1, watchOS 8.7.1 and Safari browser 15.6.1. According to the update prompts, the above updates are security-related, and Apple also reminds all users to install them as soon as possible.

  The aforementioned 360 Vulnerability Research Institute pointed out that this is actually a new vulnerability exploited with an old method, and there is nothing too special in the attack method. It is worth noting, however, that in recent years Apple has introduced a lot of effective security protection measures, constantly increasing the difficulty of attack, which has attracted widespread attention in the industry and been praised by the majority of security practitioners. "Under this circumstance, there are still wild vulnerability attacks, which is a major test and challenge for Apple."

  For the general public, the breach is unlikely to cause widespread problems. Typically, when vulnerabilities in mobile phones such as iPhones are exploited, they are often targeted, and the attacks generally focus on a small group of people. However, Luren advises users not to relax their guard on digital security and privacy protection.

  "Now that information leakage is so serious, it is very easy for others to get your information. If this loophole is widely disclosed, there should be a large number of people who have leaked information. Click." Therefore, he strongly advises the majority of digital product users not to click on links of unknown origin, not to visit some malicious websites, and to try not to use public free WiFi.

