September 2, 2016

Security Alert: Apple Just Patched Trident in Macs, Too

Discovered By
Lookout
Platform(s) Affected
iOS
Threat Type
Vulnerability
Entry Type
Threat Summary
Platform(s) Affected
Lookout
iOS
Vulnerability
Threat Summary

In the process of researching and disclosing the Trident iOS vulnerabilities, Lookout and our partners discovered another detail: these three software holes were present in Apple’s Mac computers, as well. Mobile devices and PCs are being attacked in similar ways. The devices can have the same vulnerabilities and very similar attacks. As mobile devices become the primary computing device people use for their work, enterprises will need to have the same security protection and incident response measures on both platforms.

We worked directly with Apple to patch the vulnerabilities, and allowed sufficient time for the patch to be distributed before disclosing. You can see Apple’s patch notification here.

Lookout originally found the vulnerabilities in iOS devices, as part of an incredibly sophisticated mobile attack called Pegasus (which Lookout worked with the researchers at Citizen Lab to uncover). The Pegasus attack would allow an attacker to spy on victims include accessing messages, calls, emails, logs, existing apps on the device, and more. While we have only seen an organized attack against iOS mobile devices, an attack could exist for Macs.

The vulnerabilities on iOS were listed under the following CVEs:

  • CVE-2016-4655: Information leak in Kernel – A kernel base mapping vulnerability that leaks information to the attacker allowing him to calculate the kernel’s location in memory.
  • CVE-2016-4656: Kernel Memory corruption leads to Jailbreak – 32 and 64 bit iOS kernel-level vulnerabilities that allow the attacker to silently jailbreak the device and install surveillance software.
  • CVE-2016-4657: Memory Corruption in Webkit – A vulnerability in the Safari WebKit that allows the attacker to compromise the device when the user clicks on a link.

Interested in learning more about Trident, the Pegasus attack, and how it impacts your company? Contact us.

Colleagues standing in an open meeting area and sharing a humorous moment

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

Other Related Threats

New

September 12, 2023

BlastPass - iOS 16.6 and 15.7.8

Apple released two security updates, 16.6.1 and 15.7.9 for iOS and iPadOS to address the vulnerabilities exploited by the BlastPass exploitation chain.

May 24, 2023

iOS 15.7.5/ iOS 16.4

June 22, 2023

Multiapp-CVE-2023-3079