Apple is Taking Measures in iOS Against Zero-click Exploits


Apple is taking measures in an upcoming version of iOS to make zero-click exploits more difficult. These are exploits for vulnerabilities that let an attacker take over a victim's device without any interaction from the victim. For example, an attack may involve nothing more than sending a specially prepared iMessage that allows the attacker to execute code on the target's iPhone. Such attacks have occurred in the past.


To make zero-click exploits more difficult, Apple has extended Pointer Authentication Codes (PAC) to so-called ISA pointers. PACs were developed by Apple some time ago and are intended to prevent unexpected changes to pointers in memory that would be used to manipulate objects in the system. This is done by signing pointers and return addresses; the signature is validated before the pointer or return address is used.


However, PACs have not yet been used for ISA pointers. These pointers tell a program which code to use. In an upcoming version of iOS, ISA pointers will also be protected by PACs, researcher Adam Donenfeld told Vice Magazine. Donenfeld reverse engineered the beta version of iOS 14.5 and found the addition there. Apple confirms the change and states that it should make zero-click attacks more difficult to carry out. It is not yet known when the final version of iOS 14.5 will be released.
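The sign-then-validate flow described above, applied to an ISA-style class pointer, as an added example that is not from the article or from Apple. It is a simplified software model: `toy_mac`, `MODEL_KEY`, the 16-bit signature field and the use of the object's address as signing context are assumptions, whereas real PAC computes the signature in hardware with keys that user-space code cannot read.

```c
#include <stdint.h>
#include <stdio.h>

#define PAC_SHIFT 48 /* model assumes addresses fit in the low 48 bits */
#define ADDR_MASK ((1ULL << PAC_SHIFT) - 1)
static const uint64_t MODEL_KEY = 0x9e3779b97f4a7c15ULL; /* constructed key */
/* Toy keyed mixer standing in for the hardware MAC; not a real cipher. */
static uint64_t toy_mac(uint64_t addr, uint64_t ctx) {
    uint64_t x = (addr ^ MODEL_KEY) + ctx * 0xff51afd7ed558ccdULL;
    x ^= x >> 33; x *= 0xc4ceb9fe1a85ec53ULL; x ^= x >> 29;
    return (x >> PAC_SHIFT) | 1; /* never 0: an unsigned pointer cannot pass */
}

/* Sign: store the MAC in the unused upper bits of the pointer. */
uint64_t pac_sign(uint64_t addr, uint64_t ctx) {
    addr &= ADDR_MASK;
    return addr | (toy_mac(addr, ctx) << PAC_SHIFT);
}

/* Authenticate: return the plain address, or 0 if the signature is wrong. */
uint64_t pac_auth(uint64_t signed_ptr, uint64_t ctx) {
    uint64_t addr = signed_ptr & ADDR_MASK;
    return (signed_ptr >> PAC_SHIFT) == toy_mac(addr, ctx) ? addr : 0;
}

struct class_model  { const char *(*describe)(void); };
struct object_model { uint64_t isa; }; /* signed pointer to the class */
static const char *message_describe(void) { return "Message"; }
static const char *other_describe(void)   { return "Other"; }
const struct class_model MessageClass = { message_describe };
const struct class_model OtherClass   = { other_describe };
/* Signing context is the object's own address (an assumption of this model). */
void object_init(struct object_model *o, const struct class_model *cls) {
    o->isa = pac_sign((uint64_t)(uintptr_t)cls, (uint64_t)(uintptr_t)o);
}

/* Dispatch only through an authenticated isa; NULL means the call was refused. */
const char *object_describe(const struct object_model *o) {
    uint64_t cls = pac_auth(o->isa, (uint64_t)(uintptr_t)o);
    return cls ? ((const struct class_model *)(uintptr_t)cls)->describe() : NULL;
}

int main(void) {
    struct object_model obj;
    object_init(&obj, &MessageClass);
    printf("intact isa:      %s\n", object_describe(&obj));
    obj.isa = (uint64_t)(uintptr_t)&OtherClass; /* simulated memory corruption */
    printf("overwritten isa: %s\n", object_describe(&obj) ? "dispatched" : "refused");
    return 0;
}
```

In the model, an overwritten pointer lacks a valid signature, so dispatch is refused instead of following the new value.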
