This Weekend, Make Believe with Gulf Coast Symphony
All Posts
Next Post ››Brilliant and Enthralling Theatre
 Inceptus Has Released a New Immediate Threat New Immediate Threat Advisory (Date 20240122) – (Apple Multiple Products Type Confusion Vulnerability) Advisory Overview Labeled as CVE-2024-23222, the already-exploited issue in iOS 17.3 is a vulnerability in WebKit, the engine that underpins Apple’s Safari browser, that could allow an attacker to execute code. “Apple is aware of a report that this issue may have been exploited,” the iPhone maker said on its support page. What is the Threat? Tracked as CVE-2024-23222, this is considered a type confusion vulnerability, in which processing maliciously crafted web content may enable a threat actor to achieve arbitrary code execution on the victim’s device. Alan Bavosa, vice-president of security products at AppDome, commented on the threat, saying “The recognised potential attack vectors, encompassing remote code execution, spyware, and kernel exploits, underscore the severity of this threat in the realm of mobile security as they could allow attackers to gain total control over iOS devices and compromise any unprotected apps or accounts running on the device.” Why is this Noteworthy? This vulnerability could allow an attacker to execute arbitrary code while the victim device processes maliciously crafted web content. What are the Recommendations? Please note that it is recommended to apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. For more details, you can check Apple’s security updates. There has been a software update released as of 1/24/2024, and it is recommended that you update your Apple products if applicable. References –https://nvd.nist.gov/vuln/detail/CVE-2024-23222 –https://support.apple.com/en-us/HT214055 –https://support.apple.com/en-us/HT214056 –https://support.apple.com/en-us/HT214057 –https://support.apple.com/en-us/HT214058 –https://support.apple.com/en-us/HT214059 –https://support.apple.com/en-us/HT214061 –https://support.apple.com/en-us/HT214063 –https://www.computerweekly.com/news/366567513/WebKit- vulnerability-sparks-Apples-first-major-security-update-of-2024 If you have any questions, please contact Inceptus at: Inceptus Cybersecurity (239) 673-8130 [email protected] www.inceptussecure.com #underourprotection      |