Apple crypto users may be vulnerable to iOS and macOS flaws
Kaspersky drew attention to flaws in Apple’s operating systems, which allowed for complete device access.
Apple’s operating system has been proven to have yet another critical flaw. Linking to a Kaspersky article, it was noted that these iOS and macOS vulnerabilities pose a “high threat” level.
Due to the severity of the threat, Apple swiftly released updates to its most recent operating systems and “several previous versions.”
Kaspersky’s investigation uncovered that the first vulnerability, labeled “CVE-2023-28205,” affects the development architecture of the Safari web browser. In the event of exploitation, malicious actors could execute arbitrary code on the device.
Using the flaw, attackers may run arbitrary code with the same privileges as the operating system itself. It is feasible to acquire access to the device and circumvent security partitions in order to gain complete access when both vulnerabilities are exploited simultaneously.
Kaspersky noted that all websites seen on Apple’s mobile devices are rendered using the Safari framework. In addition, the browser architecture makes “zero-click” infection conceivable.
The company recommends installing the latest Apple updates, version 16.4.1 for the latest iOS, iPadOS, and tvOS devices.
Older iPhones and iPads that are no longer supported must run iOS version 15.7.5. Similarly, another researcher drew parallels between this vulnerability and ongoing MetaMask vulnerabilities, which appear to lack known attack vectors.