Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

Apple Backports Critical WebKit Fixes to Legacy Devices as Coruna Exploit Kit Threat Looms

In a significant security move, Apple has backported critical WebKit vulnerability fixes to older versions of iOS and iPadOS, responding to the emergence of the Coruna exploit kit—a sophisticated cyber threat targeting legacy Apple devices. The company’s swift action underscores the ongoing battle between tech giants and cybercriminals exploiting outdated systems.

The vulnerability in question, tracked as CVE-2023-43010, is a memory corruption flaw in WebKit, Apple’s browser engine. This flaw could allow malicious actors to execute arbitrary code by processing specially crafted web content. Apple initially addressed this issue in iOS 17.2, released on December 11, 2023, but has now extended the fix to older devices that cannot upgrade to the latest iOS version.

Expanded Protection for Legacy Devices

Apple’s latest updates bring the CVE-2023-43010 fix to the following devices:

  • iOS 15.8.7 and iPadOS 15.8.7: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation).
  • iOS 16.7.15 and iPadOS 16.7.15: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.

These updates also include patches for three additional vulnerabilities linked to the Coruna exploit kit:

  1. CVE-2023-43000: A use-after-free issue in WebKit, originally fixed in iOS 16.6.
  2. CVE-2023-41974: A kernel-level use-after-free issue, originally fixed in iOS 17.
  3. CVE-2024-23222: A type confusion issue in WebKit, originally fixed in iOS 17.3.

The Coruna Exploit Kit: A Growing Threat

The Coruna exploit kit first came to light earlier this month when Google revealed its existence. This sophisticated toolkit features 23 exploits across five chains, designed to target iPhone models running iOS versions between 13.0 and 17.2.1. iVerify, a cybersecurity firm tracking the malware framework under the name CryptoWaters, has noted similarities between Coruna and previous frameworks developed by threat actors affiliated with the U.S. government.

Speculation and Attribution

The origins of Coruna have sparked significant speculation. Some experts believe it may have been developed by L3Harris, a U.S. military contractor. Others point to Peter Williams, a former L3Harris general manager sentenced to over seven years in prison for selling exploits to a Russian broker known as Operation Zero. The exploit kit’s use of two vulnerabilities—CVE-2023-32434 and CVE-2023-38606—previously weaponized in the Operation Triangulation campaign has further fueled these theories.

However, Kaspersky, a leading cybersecurity firm, has cautioned against jumping to conclusions. “Despite our extensive research, we are unable to attribute Operation Triangulation to any known APT group or exploit development company,” said Boris Larin, principal security researcher at Kaspersky GReAT. He emphasized that the mere exploitation of these vulnerabilities does not necessarily indicate a shared origin.

The Broader Implications

The emergence of Coruna highlights the persistent challenges of securing legacy devices and the evolving tactics of cybercriminals. As Apple continues to patch vulnerabilities and expand support for older devices, users are reminded of the importance of keeping their systems up to date. For those unable to upgrade, these backported fixes offer a crucial layer of protection against sophisticated threats.

Tags:

Apple #iOS #iPadOS #macOS #WebKit #CVE2023 #Coruna #ExploitKit #Cybersecurity #MemoryCorruption #LegacyDevices #SecurityPatch #CryptoWaters #OperationTriangulation #L3Harris #PeterWilliams #Kaspersky #APT #Malware #ZeroDay #TechNews #Viral

Viral Sentences:

  • “Apple’s backported fixes are a lifeline for legacy devices under siege by the Coruna exploit kit.”
  • “The Coruna exploit kit: 23 exploits, 5 chains, and a growing cyber threat.”
  • “Is Coruna the work of L3Harris or a Russian exploit broker? The mystery deepens.”
  • “Kaspersky warns: Attribution is not as simple as it seems in the world of cyber espionage.”
  • “Operation Triangulation’s legacy lives on in the Coruna exploit kit.”
  • “Peter Williams’ exploits: A cautionary tale of cyber arms dealing.”
  • “Apple’s swift action: Protecting legacy devices from the Coruna menace.”
  • “The battle for cybersecurity: Tech giants vs. exploit kits like Coruna.”
  • “Memory corruption flaws: The Achilles’ heel of modern devices.”
  • “CryptoWaters: The shadowy framework behind the Coruna exploit kit.”

,

/0 Comments/by
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *