There’s a whole load of other macOS and iOS security flaws to worry about

iOS and macOS users urged to apply patches ASAP

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

If you haven’t yet applied the latest patches for yourAppledevices (both macOS and iOS), you should do it as soon as possible, as we now know that the older versions carried more vulnerabilities than previously thought.

Cybersecurity researchers from Trellix recently published a detailedblog post, in which it discussed discovering multiple vulnerabilities that are a “significant breach of the security model of macOS and iOS which relies on individual applications having fine-grained access to the subset of resources they need and querying higher privileged services for anything else.”

As per the report, one of the vulnerabilities was found in CoreDuetd, a process gathering behavior data. A threat actor with code execution in a process with the proper entitlements (thinkSafari), can use the privileges of this process to execute malicious code, the researchers said. As this process runs as root on macOS, threat actors could also access people’s calendars, address books, and photos.

Executing malware

Executing malware

A similar issue (with similar consequences) impacts another process related to CoreDuetd, called ContextStored. This one allows threat actors to use a vulnerable XPC service to execute code, using a process with higher privileges.

Furthermore, the appstored and appstoredagent daemons hold vulnerable XPC Services as well, allowing threat actors to install abritrary applications, including system apps.

Check out the best firewalls around>Apple reveals it patched even more security flaws than previously thought>Apple releases security fix for iPhone and Mac zero-day flaw, so update now

Additional similar vulnerabilities were found in services available to almost any app - OSLogService, and UIKitCore.

“By setting malicious scene activation rules an app can achieve code execution inside of SpringBoard, a highly privileged app that can access location data, the camera and microphone, call history, photos, and other sensitive data, as well as wipe the device,” the researchers concluded.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

While these vulnerabilities might be dangerous, and could result in data exfiltration,malwaredeployment, and in radical cases - endpoint destruction - they’ve all been addressed by Apple. MacOS 13.2, and iOS 16.3 both fixed the problems, which is why Trelling urges all users not to wait to apply the patch.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics