WWW.COMPUTERWORLD.COM
Apple admins: Update your hardware now
Among the first things Apple IT admins woke up to this morning was news of a pair of actively exploited zero-day attacks in the wild targeting Intel Macs, iPhones, iPads, and even Vision Pro users. Apple has already released software patches for the flaws, which is why the second thing admins realized is that they must rush through any necessary software verification process required before expediting installation of the update.In these days of remotely managed devices and increasingly effective MDM systems, thats far less a problem than it was in the past. You can usually make a policy change and push out updates to all your managed devices quickly.Companies that dont use these systems, or those that have employees using their own personal devices to access potentially sensitive internal data, must work harder to convince users to install security updates. So, what can they tell people about the latest threat that might help motivate them to install the patch today?Why you should update immediatelyFirst, Applesaysit believes the attack is being actively used, which means any Intel system including systems used by other people you interact with is a potential target. Apple is aware of a report that this issue may have been exploited, the company said.Second, it slips in using flaws in software you use daily, including JavaScript and WebKit, the rendering engine that powers the Safari browser on Apple devices. In other words, everyone using Apples devices is a potential target.Finally and perhaps best of all Apple has already shipped a fix for the problem, maintaining its reputation for being ahead of threats, rather thanechoingthe approach taken by some other platforms and racing to keep up with attacks. Its almost as if Apples systemsremain more secure for a reason. The company addressed 20 zero-day attacks in 2023 and has guarded against just six so far this year.Apple also shipped security patchesfor iOS 17 and iPad OS 17 systemsand patches for Safari onmacOS Ventura and Sonoma.What the experts sayMichael Covington, vice president for portfolio strategy at Jamf, thinks all users should update at once.While Apple has warned that the vulnerabilities, also present in macOS, may be actively exploited on Intel-based systems, we recommend updating any device that is at risk, he said. With attackers potentially exploiting both vulnerabilities, it is critical that users and mobile-first organizations apply the latest patches as soon as they are able.What are these attacks?The attack vector makes use of two vulnerabilities found in macOS Sequoia JavaScriptCore (CVE-2024-44308) and WebKit (CVE-2024-44309). The first lets attackers achieve remote code execution (RCE) through maliciously crafted web content; the second lets attackers engage in cross-site scripting attacks.As admins will recognize, RCE exploits can enable attackers to install malware surreptitiously on infected machines, perform denial-of-service attacks, or access sensitive information, while a cross-scripting attack can help hackers grab personal data for identity theft and other nefarious ends.No one wants to be a victim of either form of attack.Who is using these attacks?No information pertaining to who has been using these flaws in their attacks has been shared. With that in mind, its important to note that the flaws were identified by researchers at Googles Threat Analysis Group (TAG), which works to counter government-backed attacks. That suggests that whoever has been weaponizing these vulnerabilities is connected to a national entity of some kind.If that is the case,recent reports from TAG suggest an upsurge in such attacks, so users in some industries and professions might want to consider locking down their devices with ApplesLockdown Mode to minimize their attack surface. IT, meanwhile, should review security compliance, particularly among those using older iPhones, iPads, or Intel Macs.You can follow me on social media! Join me onBlueSky, LinkedIn,Mastodon, andMeWe.
0 التعليقات 0 المشاركات 18 مشاهدة