Apple has released a new batch of security updates and has fixed three iOS zero-days that “may have been actively exploited” by attackers.
The three zero-days
OSX/Linker came to light in May 2019. It exploited a zero-day vulnerability in Gatekeeper to install malware. The 'MacOS X GateKeeper Bypass' vulnerability had been reported to Apple back in.
- On Friday, Google's Project Zero researchers quietly published a forum post outlining a previously unknown vulnerability in MacOS, which they call BuggyCow, in a piece of proof-of-concept.
- Apple has patched a critical macOS zero-day (CVE-2021-30657) that has been exploited by Shlayer malware for months and has finally introduced/enabled the App Tracking Transparency feature and policy in iOS, iPadOS and tvOS.
Two of the zero-day vulnerabilities (CVE-2021-1870 and CVE-2021-1871) are logic issues affecting the WebKit browser engine, which may allow a remote attacker to achieve code execution on devices running a vulnerable version of iOS or iPadOS (i.e., those prior to version 14.4).
The third zero-day (CVE-2021-1782) affects the operating systems’ kernel. It is a race condition that can be exploited by a malicious application to elevate privileges on a vulnerable iPhone or iPad. CVE-2021-1782 also affects watchOS and tvOS, and has been fixed in the released updates (watchOS 7.3 and tvOS 14.4).
An anonymous researcher has been credited with the reporting of all three flaws.
As per usual, Apple has decided not to share specific details about the flaws or the attack(s) they might be used for.
Zero-days exploited
Presumably, the attackers are using one or both of the WebKit flaws to execute an initial malicious payload on targeted devices, then the kernel vulnerability to achieve the necessary privileges to completely compromise the device and spy on targets’ activities.
It’s unknown whether the attacks are targeted or widespread. Apple has noted that additional details will be available soon. In the meantime, users are advised to update their devices to plug the exploited iOS zero-days.
In the last six months, similar iOS zero-days have been leveraged in targeted attacks flagged by the Google Threat Analysis Group (TAG) and Citizen Lab. The latter found them being used to install NSO Group’s Pegasus spyware.
Apple has also released a security update for iCloud for Windows that fixes four vulnerabilities that may lead to arbitrary code execution or heap corruption, and one for Xcode, its integrated development environment for macOS, which fixes a path handling issue that could allow a malicious application to access arbitrary files on the host device while running an app that uses on-demand resources with Xcode.
Your Mac might be turned on but appear to be turned off, even though it's connected to AC power and a working display. Follow these steps.
- Press and hold the power button on your Mac for at least 10 seconds, then release. If your Mac is turned on, this forces it to turn off.
- If you see no change on your Mac, press and release the power button normally.
- If your Mac now turns on but doesn't finish starting up, follow the steps for when your Mac doesn't start up all the way.
- If your Mac still doesn't turn on, please contact Apple Support.