What Happened?
According to a report published on Naked Security by Sophos, Apple has released an urgent security update for all devices running the latest Apple operating systems. The update addresses a zero-day exploit discovered in Apple's WebKit, which functions as part of the operating system and processes data from remote web servers. This means that many applications that use WebKit to display information from the internet, such as Safari, can be affected by this security hole. When exploited, the flaw enables remote code execution (RCE), which allows hackers to implant malware on a device by simply hiding it in otherwise normal websites.
Unlike other cyber-attacks such as phishing, which require you to click a link or fill out a form to be hacked, RCE can infect a device through normal behavior such as opening an application that utilizes WebKit. This makes it very easy to become a victim of this kind of attack, so it is imperative that those who have been notified of the update install it as soon as possible.
Who Were the Victims?
Though Apple has not released any information on how many potential victims there may be, their update notice refers to the security hole as “a zero-day hole that crooks are already abusing for evil ends,” implying that attackers are actively using the flaw to infect user devices.
What Could Have Prevented This?
With zero-days increasing at a rapid rate, application providers are struggling to find the solution to this problem. The important takeaway is to implement a proactive data-protection product within the application itself.
For example, Eclypses MTE technology allows the client to integrate MTE inside the application to create a separation from the operating system and ensure that all sensitive data is protected as soon as it is created. Securing data in this way ensures that only the application is authorized to access sensitive data, eliminating the need for trust in third parties, including the operating system, and reducing the effects of operating system zero-day attacks.