

Apple Inc. has released patches for two unpatched vulnerabilities being exploited in the wild that target Apple devices, including iPhones, iPads and Mac computers.
The first vulnerability, designated CVE-2023-28205, is described by Apple as an issue in WebKit that allowed for the processing of maliciously crafted web content that could lead to arbitrary code execution. The second, CVE-2023-28206, is described as an issue with IOSurfaceAccelerator that would allow an app to execute arbitrary code with kernel privileges.
Both vulnerabilities were discovered by Clément Lecigne of Google LLC’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab. Apple also noted Friday that it ‘ aware of a report that both “may have been actively exploited.”
The two vulnerabilities targeted iOS 16.4.1, iPadOS 16.4.1, macOS 13.3.1 and Safari 16.4.1, subsequently affecting iPhone 8 and later models, all iPad Pro models, iPad Air third generation or later, iPad and iPad Mini – fifth generation or later and Macs running macOS Ventura.
Apple released patches for the vulnerabilities on Friday, but given the Easter weekend, they were initially mostly overlooked. In its advisory, Apple recommends that users keep their software updated to maintain product security.
Worldwide, governments and security advisory firms are also encouraging users to update their products. The Straits Times reported today that the Singapore Computer Emergency Response Team is urging users to install the updates immediately.
Apple didn’t go into depth about what was involved in the vulnerabilities, but Krishna Vishnubhotla, vice president of product strategy at mobile security solutions provider Zimperium Inc., explained to SiliconANGLE what the various components do.
“The IOSurfaceAccelerator framework is used by many iOS and macOS applications that require high-performance graphics processing, such as video editors, games and augmented reality applications,” Vishnubhotla said. “If IOSurfaceAccelerator is exploited, it could potentially allow an attacker to gain unauthorized access to sensitive data or execute malicious code on an iOS device.”
WebKit, the engine under Apple’s Safari browser and used by Apple to render webpages in apps, is much better-known, and Vishnubhotla noted that any security vulnerabilities in the engine can pose a significant risk to users.
“Exploiting a vulnerability in WebKit could allow attackers to take control of the device’s web browsing capabilities and steal sensitive user data, such as login credentials and other personal information,” he said. “It could also allow attackers to inject malicious code into web pages or launch phishing attacks to trick users into revealing sensitive information.”
Support our open free content by sharing and engaging with our content and community.
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.