March 31, 2021

iOS WebKit Vulnerabilities

Platform(s) Affected
iOS
Threat Type
Vulnerability
Entry Type
Security Guidance

Overview

Apple released an urgent software update to iOS 14.4.2 to patch a serious vulnerability in Apple’s WebKit browser engine. This vulnerability is actively being exploited in the wild according to Apple. This is not the first urgent security patch that Apple has released for iOS 14, as there were three highly critical vulnerabilities found in iOS 14.3 earlier in 2021. In addition to releasing 14.4.2, Apple also deemed this vulnerability serious enough to release an update for devices that can only run up to iOS 12, such as iPhone 5s, 6, and older iPads.

Lookout Analysis

While Apple hasn’t released many details about the vulnerability, a successful exploit could allow malicious websites to perform arbitrary cross-site scripting on the device. This means that an attacker could easily redirect you to a malicious page they built, phish login credentials for personal or corporate accounts, or deliver malware to the device to spy on the user or exfiltrate files from any cloud-based service that user has access to. In addition, the attacker could perform actions on the user’s behalf on malicious sites.

Since this vulnerability exists in WebKit, it could also be used inside iOS apps. This incident exemplifies why attackers have found that delivering phishing links through platforms like social media, third-party messaging apps, gaming, and even dating apps makes it easier to socially engineer mobile users.

Lookout Coverage and Recommendation for Admins

With Vulnerability and Patch Management, Lookout admins can set the default OS Out-of-Date policy to have a minimum compliant iOS version of 14.4.2. From there, admins can choose whether to simply alert the user that the device is out of compliance or completely block access to corporate resources until iOS is updated.
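The following is an added illustration of the OS Out-of-Date policy logic described above; it is not Lookout's code and does not use the Lookout API. It assumes a hypothetical device inventory (constructed sample data) and shows the one detail that commonly breaks such checks: iOS versions must be compared numerically, component by component, because a plain string comparison ranks "14.4.10" below "14.4.2".

```python
"""Minimal OS Out-of-Date compliance evaluator (added example, not Lookout's code).

Policy: devices below the minimum compliant iOS version are either alerted
or blocked, mirroring the two admin choices described in the advisory.
"""

# Minimum compliant version from the advisory (the iOS 14.4.2 WebKit fix).
MIN_COMPLIANT_IOS = "14.4.2"


def parse_version(version: str) -> tuple:
    """Turn '14.4.2' into (14, 4, 2) so comparisons are numeric.

    Missing trailing components are treated as zero ('14.4' -> (14, 4, 0)),
    which is how Apple's own version numbering behaves.
    """
    parts = version.strip().split(".")
    nums = []
    for part in parts:
        if not part.isdigit():
            raise ValueError(f"invalid version component {part!r} in {version!r}")
        nums.append(int(part))
    while len(nums) < 3:
        nums.append(0)
    return tuple(nums)


def is_compliant(device_version: str, minimum: str = MIN_COMPLIANT_IOS) -> bool:
    """True when the device runs the minimum version or newer."""
    return parse_version(device_version) >= parse_version(minimum)


def evaluate(device_version: str, mode: str = "alert") -> str:
    """Apply the policy to one device.

    mode="alert"  -> out-of-date devices get "alert" (user is notified)
    mode="block"  -> out-of-date devices get "block" (corporate access denied)
    """
    if mode not in ("alert", "block"):
        raise ValueError(f"unknown policy mode {mode!r}")
    return "compliant" if is_compliant(device_version) else mode


def evaluate_inventory(inventory: dict, mode: str = "alert") -> dict:
    """Evaluate a {device_id: ios_version} mapping; returns {device_id: verdict}."""
    return {device_id: evaluate(version, mode) for device_id, version in inventory.items()}


# Constructed sample inventory (hypothetical device IDs and versions).
SAMPLE_INVENTORY = {
    "iphone-a": "14.4.2",   # exactly the minimum: compliant
    "iphone-b": "14.4.1",   # one patch level short: out of date
    "iphone-c": "14.4.10",  # would sort BELOW 14.4.2 as a string, but is newer
    "iphone-d": "12.5.3",   # iOS 12 branch device: flagged by a flat 14.4.2 minimum
}


if __name__ == "__main__":
    # Show the string-comparison pitfall explicitly.
    print("string compare says 14.4.10 < 14.4.2:", "14.4.10" < "14.4.2")
    print("numeric compare says 14.4.10 >= 14.4.2:", is_compliant("14.4.10"))
    for device_id, verdict in evaluate_inventory(SAMPLE_INVENTORY, mode="block").items():
        print(f"{device_id:10s} {SAMPLE_INVENTORY[device_id]:8s} -> {verdict}")
```

One caveat worth keeping in mind when setting a single minimum version: the advisory notes that Apple also shipped a fix for devices that can only run up to iOS 12 (iPhone 5s, 6, older iPads). A flat 14.4.2 minimum will mark every such device out of compliance whether or not it has received that backport, so admins with older hardware in the fleet should decide deliberately whether "alert" or "block" is the right response for that population.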

In addition, Lookout Phishing & Content Protection will help protect mobile users from malicious phishing campaigns built to exploit these vulnerabilities. Lookout PhishingAI constantly monitors the web for new sites built specifically for phishing purposes and implements protection against them in near real-time.
