Apple Fixed Some Interesting Bugs in iOS and macOS (Mar 26, 2019)
Apple has released security updates for several applications, including iCloud, iTunes, iOS, macOS, Safari, tvOS, and Xcode. Over eleven different registered vulnerabilities were patched in this update. The registered vulnerability CVE-2018-4461, which allowed kernel-level memory corruption, was fixed in Xcode. The new iOS 12.2 update fixed seven different registered vulnerabilities, such as flaws that allowed malicious applications or websites to access a device's microphone without indication (CVE-2019-8566 and CVE-2019-6222), two flaws that could allow a malicious application to obtain root privileges (CVE-2019-8565) or overwrite arbitrary files (CVE-2019-8521), a flaw in the GeoServices component (CVE-2019-8553) that could lead to arbitrary code execution, a vulnerability in Mail (CVE-2019-7284) that could lead to signature spoofing, and a vulnerability in Safari (CVE-2019-8554) that would allow a website to access sensor information without user consent. This update patched over 14 different registered vulnerabilities in total.
Recommendation: Attacks can sometimes be detected by less conventional methods, such as behaviour analysis, and heuristic and machine learning-based detection systems. Threat actors are often observed to use vulnerabilities even after they have been patched by the affected company. As this story portrays, it is crucial that policies are in place to ensure that all employees install patches as soon as they are made available in order to prevent exploitation by malicious actors.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.