HomesecuritySpeculation that yesterday's iOS security fix was for NSO exploit

Speculation that yesterday's iOS security fix was for NSO exploit

Apple released iOS 14.7.1 yesterday, citing an iOS security patch for a vulnerability that may have been actively exploited.

Result: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: An alteration problem memory handled with improved memory handling.

See also: Chrome 92 for iOS: Gets FaceID / TouchID lock for incognito tabs


There are two indications that the correction was for an exploit used by the NSO in a zero-click attack, which was used against iPhones belonging to dissidents, activists, human rights lawyers and opposition politicians.

First, Amnesty International's report stated that simply downloading a particular iMessage could be enough to endanger a phone and allow access to personal data. The analysis shows that this was achieved through memory overflow, which matches Apple's description of defect.

See also: All the new features offered by iOS 14.7

Second, Apple said it knew the vulnerability could have been actively exploited by hackers. The company wording is rather academic in tone, but this is typical of Apple's style.

The Register notes the possible link, and also says that the exploit code has now been posted.

Apple on Monday fixed a zero-day vulnerability in its iOS, iPadOS and macOS operating systems, just a week after releasing a series of operating system updates that face about three dozen other bugs.

The error, CVE-2021-30807, was found in iGiant's IOMobileFrameBuffer code, a kernel extension for its management screen frame buffer which could be used to execute malicious code on the affected device.

CVE-2021-30807, credited to an anonymous researcher, has been addressed by an unknown but supposedly improved memory handling code […]

However, Apple did not say who might be involved in exploiting this bug. The company also did not answer a question about whether the error was exploited by the NSO Group Pegasus surveillance software […]

IOMobileFrameBuffer has given a path to Apple software many times over the last decade. Probably the coders The company will take a closer look at the software to see if there is anything else they have missed.

See also: SolarWinds hackers: Use iOS zero-day bug to breach iPhone updates

A security researcher who had earlier identified the issue but did not have time to process it in a detailed report to Apple, shared the details he found.

Other security researchers have called on Apple to address iMessage vulnerabilities in such attacks as a much higher priority. John Green Hopkins Associate Professor and cryptographer Matthew Green said Apple should "rewrite most of its codebase iMessage in a language that is safe for memory ", while security researcher and iPhone jailbreaker Will Strafach said that Apple should make it easier for researchers to see what happens when such attacks occur, so that the underlying vulnerabilities can be identified more easily.

Source of information:

Teo Ehc
Be the limited edition.