Apple has released patches that fix the serious iOS zero-day vulnerabilities collectively known as Trident. The bugs allow attackers to take remote control of victim devices, jailbreak them, and install malware. They are used by the formidable spyware known as Pegasus.
Apple Fixes the Trident Zero-Day Issues
Apple has released security patches that fix the zero-day vulnerabilities known as Trident. The issues were discovered in iOS and comprise CVE-2016-4655, CVE-2016-4656, and CVE-2016-4657. They were found by Lookout and Citizen Lab, who worked with Apple on the issues before disclosing them publicly.
Lookout describes the Trident exploits as “sophisticated”, and the vulnerabilities are already being used by criminals. A spyware product called Pegasus employs the security weaknesses that constitute Trident. According to the security researchers, it is the most sophisticated attack they have seen on any endpoint, as it takes advantage of the interconnectivity of consumer mobile devices. Pegasus is distributed through classic techniques: spam email messages and phishing web sites. The developers of the spyware can customize Pegasus to infect different web services and to change the behavior patterns of the hosts. The exploit kit can update itself autonomously, which makes it harder to remove from infected devices.
Two of the vulnerabilities are in the kernel. The first is a validation issue that can lead to kernel memory exposure; Apple addressed it through improved input sanitization. Attackers could use this memory corruption bug to jailbreak the target devices. The other kernel issue gives malicious users the ability to execute arbitrary code with kernel privileges.
The final bug is rooted in a WebKit vulnerability. Visiting a maliciously crafted site may lead to remote arbitrary code execution.
The bugs can be used in combination to target unpatched iOS devices. The latest iOS update with version number 9.3.5 fixes the issues, and all Apple device owners should update as quickly as possible.
More information on the update is available on Apple’s website.