Security News > 2023 > October > Apple drops urgent patch against obtuse TriangleDB iPhone malware

Apple drops urgent patch against obtuse TriangleDB iPhone malware
2023-10-26 21:15

Apple pushed several security fixes on Wednesday, including one for all iPhone and iPads used before September last year that has already been exploited by cyber snoops.

This is the second patch that Apple has issued to fix the vulnerability.

In July, the company released an update addressing the same issue for nearly every iPhone and iPad model as well as Apple Watches series 3 and later, and computers running macOS Ventura, Monterey, and Big Sur.

Kaspersky researchers Georgy Kucherin, Leonid Bezvershenko, Boris Larin, and Valentin Pashkov discovered the bug and reported it to Apple.

The other three bugs discovered by Kaspersky researchers are: CVE-2023-32435, CVE-2023-38606, and CVE-2023-41990, and they were used by still-unknown cyber spies to compromise essentially all manner of Apple products.

"Following publication of the first report about the Operation Triangulation, we set up a mailbox for victims of similar attacks to be able to write to, and received emails from other users of Apple smartphones, claiming that they also found signs of infection on their devices," Kaspersky's global research and analysis team told The Register.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/10/26/apple_triangledb_exploit/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-09-12 CVE-2023-41990 Unspecified vulnerability in Apple products
The issue was addressed with improved handling of caches.
local
low complexity
apple
7.8
2023-07-27 CVE-2023-38606 Unspecified vulnerability in Apple products
This issue was addressed with improved state management.
local
low complexity
apple
5.5
2023-06-23 CVE-2023-32435 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved state management.
network
low complexity
apple CWE-787
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 131 588 4228 1617 2402 8835