For HomeFor BusinessFor Partners
Industry News
1 min read

Apple Rolls Out iOS 17.0.3 to Plug Another ‘Actively Exploited’ Kernel Hole

Filip TRUȚĂ

October 05, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Apple Rolls Out iOS 17.0.3 to Plug Another ‘Actively Exploited’ Kernel Hole

iPhone and iPad users must deploy a new security update to fend off potential hacker attacks, according to a new advisory from Cupertino, California.

Apple this week is rolling out iOS 17.0.3 and iPadOS 17.0.3 to address two security flaws, one of which is said to be under active exploitation in the wild.

“A local attacker may be able to elevate their privileges,” the tech giant explains, describing a critical Kernel flaw tracked as CVE-2023-42824. “Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.”

Going by the description, this weakness may only work as part of a wider exploit chain, but apparently it’s serious enough to warrant an emergency security update.

Spyware operators typically weave together different exploits to deploy their malware onto vulnerable devices.

The most recent attack occurred last month, when politically motivated threat actors exploited multiple flaws in iOS to infect a high-profile target’s iPhone with Predator spyware, as researchers at The Citizen Lab reported.

This week’s update addresses a second bug as well. Tracked as CVE-2023-5217, this WebRTC flaw is triggered by a buffer overflow, which may enable “arbitrary code execution” on the attacker’s end, according to Apple’s notice. Unlike the Kernel weakness, this security hole isn’t known to be actively exploited by threat actors.

As unpatched bugs on Apple platforms are frequently weaponized by threat actors, Bitdefender strongly recommends making all security updates a priority as the vendor makes them available.

On your iPhone or iPad, visit Settings -> General -> Software Update. Allow your iDevice to fetch the goods from Apple’s servers, then choose Download and Install.

When in doubt, use the trusty Lockdown Mode available from iOS 16 and macOS Ventura onwards. Last but not least, consider deploying a dedicated security solution to fend off the vast array of threats in today’s digital landscape.

tags

Industry News

Author

Filip TRUȚĂ

Filip TRUȚĂ

Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.

View all posts

Right now Top posts

Netizens Fear Scammers Will Steal Their Savings but Do Little to Defend Themselves, Bitdefender Survey Shows
Industry News Scam

Netizens Fear Scammers Will Steal Their Savings but Do Little to Defend Themselves, Bitdefender Survey Shows

July 01, 2024

7 min read
Uncovering IoT Vulnerabilities: Highlights from the Bitdefender - Netgear 2024 Threat Report
Smart Home

Uncovering IoT Vulnerabilities: Highlights from the Bitdefender - Netgear 2024 Threat Report

June 26, 2024

2 min read
UEFA EURO 2024 Scams Are Already Here – How to Stay Safe
Scam Tips and Tricks

UEFA EURO 2024 Scams Are Already Here – How to Stay Safe

June 25, 2024

5 min read
Most People Still Write Important Passwords Down, Bitdefender Report Finds
Digital Privacy Threats

Most People Still Write Important Passwords Down, Bitdefender Report Finds

June 07, 2024

2 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

Cybersecurity Grand Prix: Pole Position Passwords
Cybersecurity Grand Prix

Cybersecurity Grand Prix: Pole Position Passwords
Bitdefender

June 21, 2024

3 min read
The Safety Formula - Episode 10: Human Intuition Meets Advanced Technology
The Safety Formula

The Safety Formula - Episode 10: Human Intuition Meets Advanced Technology
Bitdefender

April 17, 2024

2 min read
Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers
Industry News

Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers
Graham CLULEY

March 06, 2024

2 min read

Bookmarks

loader