[RndTbl] CVE-2023-41064

Chris Audet cj.audet at gmail.com
Wed Oct 4 21:26:58 CDT 2023 

>Anyone can send you a text or imessage (whatever that is) with a crafted
webp image and p0wn your whole device: no clicks or user
interaction required.

Quick comment on this.  iOS 16 added a "lockdown mode" feature
<https://support.apple.com/en-us/HT212650>, which disables a bunch of
device features likely to be used for 0 days like this one.

Notable quote relating to the iMessage attack vector:
>Apple’s Security Engineering and Architecture team has confirmed to us,
that Lockdown Mode blocks this particular attack.
<https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/#:~:text=We%20believe%2C%20and%20Apple%E2%80%99s%20Security%20Engineering%20and%20Architecture%20team%20has%20confirmed%20to%20us%2C%20that%20Lockdown%20Mode%20blocks%20this%20particular%20attack.>

If you're the type of person who reads CVE pages, you should consider
enabling lockdown mode.  I've had it enabled since the day it was released
with no major issues.

On Wed, Oct 4, 2023 at 9:18 PM Trevor Cordes <trevor at tecnopolis.ca> wrote:

> On 2023-10-05 Adam Thompson wrote:
> > Err... all the UNIX versions of Chrome are vulnerable, too.  And iOS
> > and iPadOS both still uses a heck of a lot of FreeBSD kernel and
> > libc, under the hood. -Adam
>
> Ya, but the main point is the no-click no-action "push" aspect of the
> vulnerability unique to *phones*.  Hacker can text you something you
> have no control over and BOOM.  So the browser and other client stuff
> is a bit less critical.
>
> The chatter on this bug is that a lot of iOS devices in the wild IRL got
> hit with this hack to install Pegasus spyware.  Of course, you'd never
> know at all that you were one of those...
>
> Not sure if Android has the same vulnerability -- you'd think it does?
> But the stuff I'm seeing blasted all over the place is Apple specific.
> Maybe they just hate Apple.
> _______________________________________________
> Roundtable mailing list
> Roundtable at muug.ca
> https://muug.ca/mailman/listinfo/roundtable
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://muug.ca/pipermail/roundtable/attachments/20231004/07d37ace/attachment-0001.htm>

More information about the Roundtable mailing list