Active Exploitation of Zero-Day Vulnerabilities in Apple Products

Published on 22 Sep 2023

Apple has released security updates to address three zero-day vulnerabilities (CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993). The vulnerabilities are reportedly being actively exploited.

The vulnerabilities are:
• CVE-2023-41991 - A certificate validation vulnerability in the Security Framework that could allow an attacker to bypass signature detection using malicious apps.
• CVE-2023-41992 - A vulnerability in the Kernel Framework that could allow a local attacker to elevate their privileges.
• CVE-2023-41993 - A WebKit engine vulnerability that could be exploited using a maliciously crafted webpage, resulting in arbitrary code execution on the affected products.

The vulnerabilities affect the following products: 
• Macs running macOS Ventura
• iPhone 8 and later
• iPad Pro (all models)
• iPad Air 3rd generation and later
• iPad 5th generation and later
• iPad mini 5th generation and later
• Apple Watch Series 4 and later

Users of affected products are advised to update to the latest versions immediately:
• macOS Ventura 13.6 for macOS Ventura
• iOS 17.0.1 for iPhone XS and later
• iPadOS 17.0.1 for iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
• iOS 16.7 for iPhone 8 and later
• iPadOS 16.7 for iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
• watchOS 10.0.1 for Apple Watch Series 4 and later
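
A fleet check against the fixed versions listed above, as an added example that is not part of the original advisory. It compares each device's OS version to the fixed build for its own major branch, so an iPhone on 17.0 is flagged even though 17.0 is numerically above 16.7. The inventory rows, host names and function names are constructed for illustration.

```python
# Added example: audit device OS versions against the advisory's fixed builds.
# Fixed versions come from the list above; inventory rows are constructed.
FIXED = {  # (OS family, major branch) -> first fixed version in that branch
    ("macOS", 13): "13.6",
    ("iOS", 16): "16.7",
    ("iOS", 17): "17.0.1",
    ("iPadOS", 16): "16.7",
    ("iPadOS", 17): "17.0.1",
    ("watchOS", 10): "10.0.1",
}

def parse_version(text):
    """'17.0.1' -> (17, 0, 1). Numeric tuples avoid the string-compare
    trap where '13.10' sorts before '13.6'; padding makes 16.7 == 16.7.0."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def assess(os_name, version):
    """Return (status, fixed_version) for one device.
    'unlisted' means the advisory names no fixed build for that branch."""
    current = parse_version(version)
    fixed = FIXED.get((os_name, current[0]))
    if fixed is None:
        return ("unlisted", None)
    if current >= parse_version(fixed):
        return ("patched", fixed)
    return ("update", fixed)

# Constructed sample inventory: (host, OS family, reported version).
INVENTORY = [
    ("mac-lab-01", "macOS", "13.5.2"),
    ("mac-lab-02", "macOS", "13.6"),
    ("iphone-a", "iOS", "17.0"),
    ("iphone-b", "iOS", "16.7"),
    ("ipad-a", "iPadOS", "16.6.1"),
    ("watch-a", "watchOS", "10.0.1"),
    ("mac-old", "macOS", "12.6.9"),
]

def audit(inventory):
    """Map each host to its (status, fixed_version) result."""
    return {host: assess(os_name, ver) for host, os_name, ver in inventory}

if __name__ == "__main__":
    for host, (status, fixed) in audit(INVENTORY).items():
        print(f"{host:12} {status:9} fixed in: {fixed or 'see vendor notes'}")
```

Devices reported as `unlisted` run a branch for which this advisory names no fixed build and need a manual check against the vendor pages linked below.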
 

Users are also advised to enable automatic software updates by going to Settings > General > Software Updates > Enable Automatic Updates.

More information is available here:
https://support.apple.com/en-us/HT213926
https://support.apple.com/en-us/HT213930
https://support.apple.com/en-us/HT213931
https://www.bleepingcomputer.com/news/apple/apple-emergency-updates-fix-3-new-zero-days-exploited-in-attacks/