29.7.21

Apple releases patch for zero‑day flaw in iOS, iPadOS and macOS

The vulnerability is under active exploitation by unknown attackers and affects a wide range of Apple’s products.

Amer Owaida

Apple has released an update for its iOS, iPadOS, and macOS operating systems to patch a zero-day security flaw that is being actively exploited in the wild. The vulnerability affects a wide range of its products including the iPod touch and various models of the iPhone and iPad.

“Apple is aware of a report that this issue may have been actively exploited,” reads Apple’s security advisory describing the security loophole that is being plugged with the release of iOS 14.7.1 and iPadOS 14.7.1.

The list of impacted devices includes iPhone 6s and later, all versions of the iPad Pro, iPad Air 2 and later, the 5th generation of iPad and later, iPad mini 4 and later, and the 7th generation of the iPod touch. The same security flaw also affects the macOS operating system, so the Cupertino-based tech titan also issued a security update for macOS (Big Sur 11.5.1) to address the issue. As is usually the case, there is no word about the perpetrators and targets of the zero-day attacks.

Indexed as CVE-2021-30807, the vulnerability resides in the IOMobileFrameBuffer, a kernel extension that is used for managing the screen framebuffer, and is described as a memory corruption issue.

According to CyberSecurityHelp, the vulnerability could allow a local application to escalate privileges on the affected systems. “The vulnerability exists due to a boundary within the IOMobileFrameBuffer subsystem. A local application can trigger memory corruption and execute arbitrary code on the target system with kernel privileges,” reads its description of the security flaw.

The United States’ Cybersecurity and Infrastructure Security Agency (CISA) also took note of the release and issued a security advisory urging both users and administrators to apply the patches and update their devices. “Apple has released security updates to address a vulnerability in multiple products. An attacker could exploit this vulnerability to take control of an affected device,” said the agency.

Indeed, you would be well advised to apply the updates as soon as practicable. If you don’t have automatic updates enabled, you can update your iPhone and iPad manually by going to the Settings menu, then tapping General, and going to the Software Update section. To manually update your Mac devices, go to the Apple menu, click on About This Mac and then click on the Software Update button.

25.7.21

Popular Wi‑Fi routers still using default passwords making them susceptible to attacks

To mitigate the chances of their Wi-Fi home routers being compromised, users would do well to change the manufacturer’s default access credentials.

Amer Owaida

One in 16 home Wi-Fi routers is still sporting the manufacturer’s default admin password, a recent study conducted by technology website Comparitech revealed. This flaw could allow cybercriminals to conduct all manner of cyberattacks, including hijacking the router or eavesdropping on their victims.

“These routers, which number in the tens of thousands, can be remotely found and attacked using publicly available passwords, granting malicious hackers access to the victim’s home network,” reads the study.

Comparitech’s research team analyzed the 12 most popular Wi-Fi home router models being sold on Amazon. To test these devices, the researchers scanned the web for these routers and then ran an automated script that tried the manufacturer’s default passwords to log in to the router’s admin dashboard. Out of the total of 9,927 routers that they tested, they found that 635 were susceptible to default password attacks.

The results of the team’s investigation seemed to suggest that some of the routers could have been more persistent in prompting users to change the manufacturer’s default credentials during the initial setup process.

The AsusRT and MikroTik routers performed best since they couldn’t be accessed at all using the default passwords even though the researchers conducted hundreds of tests. Meanwhile, other routers didn’t fare as well.

“On the other end of the spectrum, roughly one in six ZTE ZXV10, XFinity, and NetGear Ethernet Plus Switch routers were found to be vulnerable to default password attacks unless the default admin password is changed,” said Comparitech. The full list of routers tested is available on Comparitech’s website.

A router with the default access credentials could grant malicious actors a foothold into your home network and even to the devices connected to it. Once they have their foot in the door, the cybercriminals could use the access to monitor what any device connected to the router is doing and what websites it is browsing, and they could see any unencrypted data being sent over the network. Moreover, the threat actors could also abuse your connection to download pirated content or use it to access illegal materials, potentially making you a suspect in, or liable for, these activities.

That’s why it’s always prudent to change your Wi-Fi router’s default administrator password during its initial setup process. Make sure that when you’re doing that you avoid the common mistakes of password creation and create a strong and unique password. However, remember that you should use distinct passwords for accessing the Wi-Fi router admin settings and connecting to the internet via the router.

The study brings echoes of a similar investigation conducted by the British consumer watchdog Which? that found Wi-Fi routers contained various security flaws, including the use of weak default passwords, putting millions of Brits at risk. If you’re looking to mitigate the chances of your router getting compromised by threat actors, you can check out our tips for boosting your router security. And for good measure, you would do well to review your router’s configuration settings as well.