Apple Safari Remote Code Execution Vulnerability Exploited In The Wild


A critical remote code execution vulnerability in Apple Safari, identified as CVE-2024-44308, has been discovered and actively exploited in the wild.

The flaw affects multiple Apple platforms, including:

  • iOS
  • iPadOS
  • macOS
  • visionOS

The vulnerability, which resides in the JavaScriptCore component of WebKit, allows attackers to execute arbitrary code when a device processes maliciously crafted web content.

Apple has confirmed that this vulnerability has been actively exploited on Intel-based Mac systems.

Clement Lecigne and Benoit Sevens of Google’s Threat Analysis Group (TAG) discovered and reported the vulnerability. TAG is known for investigating targeted attacks, suggesting that this exploit may have been used in limited, targeted operations.

Technical Analysis

The flaw affects the following versions:

  • iOS and iPadOS versions prior to 17.7.2 and 18.1.1
  • macOS Sequoia versions prior to 15.1.1
  • visionOS versions prior to 2.1.1
  • Safari versions prior to 18.1.1

Apple has addressed the vulnerability with improved checks and released patches in the following updates:

  • Safari 18.1.1
  • iOS 17.7.2 and iPadOS 17.7.2
  • macOS Sequoia 15.1.1
  • iOS 18.1.1 and iPadOS 18.1.1
  • visionOS 2.1.1
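
A fleet-inventory check built from the version lists above, as an added example that is not Apple's or the article's code. The inventory records, host names, status labels and the handling of releases outside the listed branches are assumptions.

```python
import re

# First fixed release per major branch, taken from the update list above.
FIXED = {
    "ios":      {17: (17, 7, 2), 18: (18, 1, 1)},
    "ipados":   {17: (17, 7, 2), 18: (18, 1, 1)},
    "macos":    {15: (15, 1, 1)},   # Sequoia is the only macOS branch listed
    "visionos": {2: (2, 1, 1)},
    "safari":   {18: (18, 1, 1)},
}

def parse_version(text):
    """Turn '18.1' into (18, 1, 0); return None if no version is found."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def status(product, version):
    branches = FIXED.get(product.strip().lower())
    v = parse_version(version)
    if branches is None or v is None:
        return "unknown"
    if v[0] in branches:
        return "patched" if v >= branches[v[0]] else "vulnerable"
    if v[0] > max(branches):
        return "patched"        # assumption: later majors carry the fix
    return "no-fix-listed"      # older branch: the list names no fixed build

def needs_action(inventory):
    """Return (host, product, version, status) for everything not patched."""
    rows = []
    for host, product, version in inventory:
        s = status(product, version)
        if s != "patched":
            rows.append((host, product, version, s))
    return rows

# Constructed sample inventory (hypothetical host names).
INVENTORY = [
    ("mac-fin-01", "macOS", "15.1"),
    ("mac-fin-01", "Safari", "18.1"),
    ("mac-dev-07", "macOS", "14.7.1"),
    ("mac-dev-07", "Safari", "18.1.1"),
    ("iphone-22", "iOS", "17.7.2"),
    ("ipad-03", "iPadOS", "18.1"),
]

if __name__ == "__main__":
    for row in needs_action(INVENTORY):
        print(*row, sep="\t")
```

Hosts reported as `no-fix-listed` run an OS branch the update list does not name, so judge them by their Safari version or by Apple's advisory for that branch.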

Technical analysis reveals that the vulnerability stems from a register corruption issue in WebKit’s DFG JIT compiler, specifically related to improper allocation timing of the scratch2GPR register.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-44308 to its Known Exploited Vulnerabilities Catalog, urging users and organizations to apply the necessary patches by December 12, 2024.

Security experts emphasize the importance of promptly updating affected devices to mitigate the risk of unauthorized access, data theft, and system compromise. The vulnerability’s high CVSS score of 8.8 underscores its severity and potential impact.

As Mac-based attacks continue to rise, cybersecurity firms have noted an increase in macOS malware, particularly targeting cryptocurrency-related businesses.

This trend highlights the growing need for enhanced security measures and awareness among macOS users, especially in organizational settings.

Apple users are strongly advised to update their devices immediately to the latest software versions to protect against this and other potential security threats.
