Apple Backports Security Patches to Older iPhones and iPads Amid Active Exploitation of Zero-Day

May 13, 2024

Apple has recently applied security patches to older models of iPhones and iPads, addressing a zero-day vulnerability that was reportedly being exploited in targeted attacks. The vulnerability in question is a memory corruption issue in Apple's RTKit real-time operating system, which could potentially allow threat actors to bypass kernel memory protections.

The tech giant has not yet credited the discovery of this security flaw to any security researcher. The zero-day vulnerability, tracked as CVE-2024-23296, was initially addressed by Apple on March 5th for newer models of iPhones, iPads, and Macs. The recent security updates, which have been backported to address this security flaw on iOS 16.7.8, iPadOS 16.7.8, and macOS Ventura 13.6.7, include improved input validation.

Devices that have received the patch include iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation. Apple has not yet revealed who discovered the zero-day or whether it was found internally. Moreover, the company has not provided any details about the nature of the attacks that exploited this vulnerability in the wild.

It is common for iOS zero-days to be used in state-sponsored spyware attacks targeting high-risk individuals such as journalists, dissidents, and opposition politicians. While this particular zero-day was likely used only in targeted attacks, users of older iPhone or iPad models are strongly advised to install the latest security updates as soon as possible to prevent potential attack attempts.

Since the beginning of the year, Apple has addressed three zero-days: two in March (CVE-2024-23225 and CVE-2024-23296) and one in January (CVE-2024-23222). In addition, Apple backported patches for two WebKit zero-days (CVE-2023-42916 and CVE-2023-42917) in January, which were initially patched in November for newer devices.

With the latest iOS 17.5 update, Apple has also introduced support for unwanted tracking alerts. Similar to a feature recently launched by Google on Android 6.0+ devices, these alerts will warn users if Bluetooth tracking devices (such as AirTag, Find My accessory, or other compatible Bluetooth trackers) are being used to track their location.

Related News

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.