Apple said the iOS 17.0.3 and iPadOS 17.0.3 patch addresses a new Zero-Day vulnerability in iOS and iPadOS that is being actively exploited.
According to The Hacker News, the patched bug has tracking code CVE-2023-42824, which is a kernel vulnerability that could be used by local attackers to escalate privileges. Apple said it received this report from versions prior to iOS 16.6 and resolved the issue by improving testing steps.
As usual, details about the nature of the attacks and the identities of the threat actors responsible have not been released. ‘s new update Apple also addresses the bug CVE-2023-5217 affecting the WebRTC component, which Google previously described as a buffer overflow in the libvpx library
With the iOS 17.0.3 and iPadOS 17.0.3 patches, Apple not only resolved the abnormal overheating problem on the newly released iPhone 15 series but also resolved a total of 17 exploited Zero-Day vulnerabilities. Actively working on affected device lines since the beginning of the year.
Two weeks ago, the Cupertino-based giant released iOS and iPadOS 17.0.2, which mentioned patching 3 security flaws (CVE-2023-41991, CVE-2023-41992, and CVE-2023- 41993) has been confirmed to be an active exploit by security experts. These Zero-Day errors were used by Cytrox, an Israeli spyware company, to spread Predator malware onto the iPhone of a former Egyptian parliamentary official earlier this year.
Users at risk of being targeted can use the Lockdown Mode equipped by Apple on iOS 16 to reduce the risk of being exploited by spyware
