iOS WebKit Vulnerabilities
Lookout Coverage and Recommendation for Admins
With Vulnerability and Patch Management, Lookout admins can set the default OS Out-of-Date policy to have a minimum compliant iOS version of 14.4.2 From there, admins can choose whether to simply alert the user that the device is out of compliance or completely block access to corporate resources until iOS is updated.
In addition, Lookout Phishing & Content Protection will help protect mobile users from malicious phishing campaigns built to exploit these vulnerabilities. Lookout PhishingAI constantly monitors the web for new sites built specifically for phishing purposes and implements protection against them in near real-time.
Overview
Apple released an urgent software update to iOS 14.4.2 to patch a serious vulnerability in Apple’s WebKit browser engine. This vulnerability is actively being exploited in the wild according to Apple. This is not the first urgent security patch that Apple has released for iOS 14, as there were three highly critical vulnerabilities found in iOS 14.3 earlier in 2021. In addition to releasing 14.4.2, Apple also deemed this vulnerability serious enough to release an update for devices that can only run up to iOS 12, such as iPhone 5s, 6, and older iPads.
Lookout Analysis
While Apple hasn’t released many details about the vulnerability, a successful exploit could allow malicious websites to perform arbitrary cross-scripting on the device. This means that an attacker could easily redirect you to a malicious page they built, phish login credentials for personal or corporate accounts, or deliver malware to the device to spy on the user or exfiltrate files from any cloud- based service that user has access to. In addition, the attacker could perform actions on the user’s behalf on malicious sites.
Since this vulnerability exists in WebKit, it could also be used inside iOS apps. This incident exemplifies why attackers have found that delivering phishing links through platforms like social media, third-party messaging apps, gaming, and even dating apps makes it easier to socially engineer mobile users.
Authors
Lookout
Lookout is a cybersecurity company that makes it possible for tens of millions of individuals, enterprises and government agencies to be both mobile and secure. Powered by a dataset of virtually all the mobile code in the world -- 40 million apps and counting -- the Lookout Security Cloud can identify connections that would otherwise go unseen and predict and stop mobile attacks before they do harm. The world’s leading mobile network operators, including AT&T, Deutsche Telekom, EE, KDDI, Orange, Sprint, T-Mobile and Telstra, have selected Lookout as its preferred mobile security solution. Lookout is also partnered with such enterprise leaders as AirWatch, Ingram Micro, Microsoft, and MobileIron. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.
