Apple Issues Critical Security Patches for Actively Exploited Zero-Day Flaws
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
Just days after the release of emergency security updates to fix two zero-day vulnerabilities (exploited to deliver NSO Group’s Pegasus spyware), Apple urged users to update their devices with new security patches.
The iOS zero-day exploit chain was discovered by security researchers at Citizen Lab and Google’s Threat Analysis Group (TAG), while working with Egypt’s former Member of Parliament, Ahmed Eltantawy. The flaws, which can be found across Apple’s array of products, were actively being exploited by threat actors to target Eltantawy with Cytrox’s Predator spyware.
When disclosed to Apple, it assigned the following CVEs to the three identified vulnerabilities:
- CVE-2023-41991 – described by Apple as a “certificate validation issue” in the Security framework; a malicious app can use it to bypass signature validation. The flaw was “actively exploited against versions of iOS before iOS 16.7,” Apple revealed.
- CVE-2023-41992 – a kernel flaw, addressed with improved checks, that threat actors can exploit to escalate privileges.
- CVE-2023-41993 – a flaw in the WebKit browser engine, also addressed with improved checks. An attacker can exploit it to achieve arbitrary code execution, that is, to deploy malware on a victim’s device. “[..] this issue may have been actively exploited against versions of iOS before iOS 16.7,” the tech giant revealed.
On September 21, Apple issued patches addressing these flaws across multiple products, covering both older and newer models: iPad mini 5th generation and later, watchOS 9.6.3 and 10.0.1, Macs running macOS Ventura 13.6 and Monterey 12.7, and iOS 16.7 and 17.0.1.
Known for identifying and investigating spyware targeted at journalists, politicians, and activists, among others, Citizen Lab has urged all Apple device owners to install the issued patches. It has also advised users to enable Lockdown Mode on their devices:
“[..] we believe, and Apple’s Security Engineering and Architecture team has confirmed to us, that Lockdown Mode blocks this particular attack.”
Terabytes of Internal Private Data Accidentally Leaked by Microsoft AI Research Team
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
An accidental leak by AI researchers at Microsoft exposed 38TB of sensitive company information dating back to July 2020. The exposure occurred while the team was publishing open-source AI training data to a public GitHub repository.
The leak, discovered by cloud security company Wiz, contained private keys, passwords, and over 30,000 internal Microsoft Teams messages. Wiz’s ongoing research into accidental exposure of cloud-hosted data traced the leak to a GitHub repository managed by Microsoft’s AI division, “robust-models-transfer.”
Readers of the repository were only meant to download the open-source code and AI models for image recognition from an Azure Storage URL, but Wiz researchers found that the URL was mistakenly configured to grant access to the entire storage account.
A reader could not only access terabytes of company information, but “[..] the token was also misconfigured to allow “full control” permissions instead of read-only. Meaning, not only could an attacker view all the files in the storage account, but they could delete and overwrite existing files as well,” Wiz researchers revealed.
The joint Microsoft and Wiz investigation found that the storage account itself wasn’t directly exposed; rather, the misconfigured URL included “an overly-permissive Shared Access Signature (SAS) token.”
SAS tokens grant delegated access to Azure Storage data; the issuer chooses the permissions, anywhere from read-only to full control, and can also create never-expiring tokens.
According to Wiz, SAS tokens can pose a major challenge to an organization’s security posture: “Due to a lack of monitoring and governance, SAS tokens pose a security risk, [..]. These tokens are very hard to track, as Microsoft does not provide a centralized way to manage them within the Azure portal.”
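Because a SAS token carries its permissions (`sp`), expiry (`se`) and scope (`ss`/`srt` for an account-level token) in plain query parameters, a defender can audit any token that lands in a README or commit without calling Azure at all. The script below is an added example, not code from the article, from Wiz or from Microsoft: it scans a block of text for SAS URLs and flags the three properties described above (write-class permissions, account-wide scope, and a missing or far-off expiry). The sample URLs and signatures are constructed, and the 90-day lifetime limit is an assumed policy rather than an Azure default.

```python
"""Audit Azure Shared Access Signature (SAS) URLs found in text for over-permissive settings.

Added example, not from the article, Wiz or Microsoft. It inspects only the public
query parameters of a SAS URL (sp, se, ss, srt, sig) and never contacts Azure.
The sample text and its signature values are constructed placeholders.
"""
from __future__ import annotations

import re
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, urlsplit

# A URL whose query string carries a sig= parameter is treated as a SAS URL.
SAS_PATTERN = re.compile(r"""https?://[^\s'"<>]+\?[^\s'"<>]*\bsig=[^\s'"<>&]+""")

# SAS permission letters other than read (r) and list (l) allow modification:
# write, delete, create, add, update, process.
WRITE_PERMS = set("wdcaup")

# Assumed organisational policy for the maximum acceptable token lifetime.
MAX_LIFETIME = timedelta(days=90)

# Fixed reference time so the sample run is reproducible.
SAMPLE_NOW = datetime(2023, 9, 18, tzinfo=timezone.utc)

# Constructed README excerpt: one account-wide full-control token with a far-off
# expiry, and one read-only, single-blob token with a short expiry.
SAMPLES = """
Download the models: https://example.blob.core.windows.net/?sv=2020-08-04&ss=b&srt=sco&sp=rwdlac&se=2051-10-06T05:42:16Z&sig=FAKESIG1
Hardened equivalent: https://example.blob.core.windows.net/models/weights.bin?sv=2020-08-04&sr=b&sp=r&se=2023-10-20T00:00:00Z&sig=FAKESIG2
"""


def parse_sas(url: str) -> dict[str, str]:
    """Return the query parameters of a URL as a flat {name: first value} dict."""
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return {k: v[0] for k, v in qs.items()}


def audit_sas(url: str, now: datetime | None = None) -> list[str]:
    """Return findings for one SAS URL; an empty list means nothing was flagged."""
    now = now or datetime.now(timezone.utc)
    params = parse_sas(url)
    if "sig" not in params:
        return ["not a SAS URL (no sig parameter)"]

    findings: list[str] = []

    # 1. Permissions beyond read/list let a holder overwrite or delete data.
    perms = set(params.get("sp", ""))
    if perms & WRITE_PERMS:
        findings.append(f"write-class permissions granted: sp={params['sp']}")

    # 2. ss/srt only appear on an account SAS, which scopes the token to the whole
    #    storage account instead of one container or blob.
    if "ss" in params or "srt" in params:
        findings.append(
            f"account-level SAS (ss={params.get('ss', '')}, srt={params.get('srt', '')})"
        )

    # 3. No expiry, or an expiry far in the future, makes the token effectively permanent.
    expiry = params.get("se")
    if not expiry:
        findings.append("no expiry (se) parameter")
    else:
        exp = datetime.fromisoformat(expiry.replace("Z", "+00:00"))
        if exp.tzinfo is None:  # date-only form such as 2023-12-31
            exp = exp.replace(tzinfo=timezone.utc)
        if exp - now > MAX_LIFETIME:
            findings.append(f"expiry {expiry} is more than {MAX_LIFETIME.days} days away")
    return findings


def scan_text(text: str, now: datetime | None = None) -> dict[str, list[str]]:
    """Find every SAS URL in a block of text and audit each one."""
    return {m.group(0): audit_sas(m.group(0), now) for m in SAS_PATTERN.finditer(text)}


if __name__ == "__main__":
    for url, findings in scan_text(SAMPLES, SAMPLE_NOW).items():
        print(url.split("?")[0], "->", findings or "OK")
```

Run against a checkout with `git grep -n "sig=" | python3 -c ...` or simply pass file contents to `scan_text`; the two sample lines show the same storage account exposed with a full-control, account-wide, decades-long token and the minimal read-only, single-blob, short-lived alternative that would have served the repository's purpose.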
On receiving Wiz’s report, Microsoft immediately launched an investigation and invalidated and replaced the SAS token on GitHub.
Microsoft’s investigation further found that the leak did not contain any customer information and that no other internal services were affected by the incident.