Apple Released A Fix For Multiple Zero Day Exploits

There’s good news for Apple users.

The company has been busy and has recently released security updates that address two Zero-Day vulnerabilities. These are security flaws that could be exploited by hackers to cause no end of trouble to anybody running macOS or iOS.

The first Zero-Day addressed is being tracked as CVE-2022-22587 and is a nasty memory corruption bug that impacts macOS Monterey, iPadOS and iOS.

The second issue the company focused on was a Zero-Day bug in Safari’s WebKit, and it impacted users running iPadOS and iOS. Tracked as CVE-2022-22594, this allowed websites to track your browsing activity and user identities in real time.

If you’re running an OS version earlier than 15.3, you are vulnerable to both exploits. Note that Apple has found evidence that they are actively being exploited in the wild. To protect yourself, you’ll want to update to 15.3 as soon as possible.

These two represent the first Zero-Day bugs that Apple has tackled in 2022, which makes them significant. It’s also proof positive that the company isn’t sitting back and resting on its laurels. They’re actively taking the fight to the hackers and addressing security flaws head on and at a rapid clip.

It’s very good to see, but last year Apple seemed to be chasing an unending stream of Zero-Day flaws. Here’s hoping that this year will see relatively fewer of them. Even if that proves not to be the case, Apple has demonstrated, and continues to demonstrate, how seriously it takes the security of its user base.

Whatever happens one thing we can say with certainty is that 2022 is bound to be an interesting year.

Again Kudos to Apple for their rapid response and if you’re an Apple user check your OS version to make sure you’re protected.

Support Comes To An End For iOS 14 For iPhone Devices

When Apple first released iOS 15 they posted a promise on their website.

That promise was:

“If you’re using iOS or iPadOS 14.5 or later, you might now see the option to choose between two software update versions. This option allows you to choose between updating to the latest version of iOS or iPadOS 15 as soon as it’s released, or continuing on iOS or iPadOS 14 while still getting important security updates for a period of time.”

Although the promise specifically states “for a period of time”, many users assumed it would be forever, or at least indefinitely. It isn’t, and Apple has just pulled the plug on iOS 14 support. There won’t be any more updates.

In some ways that’s disappointing, but it’s not really a surprise. It is disappointing because most companies continue offering support to older products for a full year at least, and in Apple’s case it hasn’t been that long.

On the other hand, it is not surprising because it’s clear that Apple really wants people to upgrade to iOS 15. If it takes a little heavy-handedness to make that happen, the company has now demonstrated a willingness to apply it.

Unfortunately, based on Apple’s own statistics fully 30 percent of their user base is running iOS 14. That means by pulling the plug they’re essentially leaving about a third of their user base to fend for themselves in terms of security updates they’re no longer getting.

Yes this will provide a powerful incentive for them to upgrade but given Apple’s reputation, that seems a bit out of character.

At the root, the issue is that Apple wasn’t transparent about the timeframe. “For a period of time” could mean almost anything. Apple clearly meant it to mean “for a short period of time”, but many of its users didn’t interpret it that way. As a result, there’s bound to be some bad blood over this.

In any case, if you’re currently running iOS 14, upgrade as soon as possible because no further security updates are coming.

Apple Safari Bug May Leak Personal Information And History

There was a recently discovered issue with the way the IndexedDB API was implemented in Safari’s WebKit engine.

This is giving IT professionals who work in an environment dominated by Apple products heartburn. The faulty implementation allows, or could allow, an attacker to observe a victim’s browsing activity in real time, including the user IDs associated with vulnerable machines.

IndexedDB is a commonly used API that provides a robust client-side storage system with no capacity limits. Normally it is used for caching web application data so users can view it offline at a later date, but of course it can also be used to store sensitive information.

To prevent data leaks, IndexedDB follows the “same-origin” policy, which controls which resources are allowed to access each piece of data.

Unfortunately, researchers at FingerprintJS discovered that the IndexedDB implementation in Safari 15 on macOS doesn’t follow the same-origin policy, and that deviation could lead to the disclosure of sensitive information.

In order to be impacted by this issue, a user has to log onto websites like YouTube and Facebook or visit service portals like Google Keep or Google Calendar. Doing so creates a new IndexedDB database whose name has the Google username appended to it.

According to the researchers who first discovered the bug:

“We checked the homepages of Alexa’s Top 1000 most visited websites to understand how many websites use IndexedDB and can be uniquely identified by the databases they interact with.

The results show that more than 30 websites interact with indexed databases directly on their homepage, without any additional user interaction or the need to authenticate. We suspect this number to be significantly higher in real-world scenarios as websites can interact with databases on subpages, after specific user actions, or on authenticated parts of the page.”

Worst of all, there’s no good mitigation strategy here. Disabling JavaScript entirely would work, but it would almost certainly break other applications that your organization relies on. So we’re waiting on Apple to provide a fix. The good news is that they’ve got a solid reputation for responsiveness, so we should not have to wait long.

New Malware Can Infect Linux, Mac, Or Windows Users

There’s a new strain of malware called SysJoker to be mindful of. It’s especially dangerous because it can target Windows, Mac or Linux systems, which makes it an equal-opportunity strain.

Researchers at Intezer are credited with discovering the malware in the wild in December of 2021 during an investigation of an attack on a Linux server. The group was able to obtain samples of the malware for analysis and has concluded that SysJoker is a nasty piece of work indeed.

Written in C++, the malware strain is cunningly constructed to evade detection on all three operating systems. In fact, it’s so good at evading detection that none of the 57 antivirus programs the Intezer researchers tested were able to detect the presence of the malware.

SysJoker is harmless by itself, but that is by design. It is a first-stage dropper, and its only job is to gain a foothold in a target network.

Once there, it sleeps for two minutes before creating a new directory and copying itself into it, all while disguised as the Intel Graphics Common User Interface Service (“igfxCUIService.exe”).

According to the Intezer report, this is what happens next:

“…SysJoker will gather information about the machine using Living off the Land (LOtL) commands. SysJoker uses different temporary text files to log the results of the commands,” explains Intezer’s report.

“These text files are deleted immediately, stored in a JSON object and then encoded and written to a file named ‘microsoft_Windows.dll’.”

When that is done, the malware establishes persistence by adding a new entry under the registry Run key (HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run). Random sleep times are interposed between all of the steps leading to this point.

Finally, it reaches out to the actor-controlled command and control server using a hardcoded Google Drive link. Once that connection has been established, the hackers can install whatever payload they wish onto the infected system.
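The Windows behaviour described above leaves two host artifacts that an administrator can check for without any vendor signature: a Run-key entry whose image is named after the Intel graphics service, and the “microsoft_Windows.dll” file the recon output is written to. The following is an added example (this page’s own illustration, not Intezer’s tooling) that audits a list of Run-key entries and file names for those two indicators. It parses quoted and unquoted command lines the way they appear in the Run key, and on Windows it can read the live HKCU Run key via the standard `winreg` module; the sample entries and file paths are constructed for the demonstration, and all function names are this example’s own.

```python
import re
import sys
from dataclasses import dataclass

# Indicators taken from the article: the dropper masquerades as the Intel
# graphics service binary and stores its recon output under this file name.
MASQUERADED_BINARY = "igfxcuiservice.exe"
RECON_OUTPUT_FILE = "microsoft_windows.dll"
RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"


@dataclass
class Finding:
    value_name: str
    image_path: str
    reason: str


def image_path_from_command(command):
    """Extract the executable path from a Run value's command line.
    Quoted paths may contain spaces; unquoted ones end at the first '.exe'."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    match = re.match(r"(.+?\.exe)", command, re.IGNORECASE)
    return match.group(1) if match else command.split()[0]


def basename_of(path):
    """Last path component, lower-cased, for either separator style."""
    return re.split(r"[\\/]", path.lower())[-1]


def audit_run_entries(entries):
    """entries: iterable of (value_name, command) pairs from the Run key.
    Flags entries whose image carries the name SysJoker hides behind. The
    genuine Intel component is installed as a driver package, so a Run-key
    entry with this name deserves a look regardless of its path (baseline
    the path against your own fleet; this is a heuristic, not a signature)."""
    findings = []
    for name, command in entries:
        path = image_path_from_command(command)
        if basename_of(path) == MASQUERADED_BINARY:
            findings.append(Finding(name, path,
                            "Run entry uses the igfxCUIService.exe name SysJoker masquerades as"))
    return findings


def find_recon_artifacts(file_paths):
    """Return the paths whose file name matches SysJoker's recon output file."""
    return [p for p in file_paths if basename_of(p) == RECON_OUTPUT_FILE]


def read_live_run_entries():
    """On Windows, enumerate the current user's Run key; elsewhere return []."""
    if sys.platform != "win32":
        return []
    import winreg  # standard library, Windows only
    entries = []
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, RUN_KEY) as key:
        index = 0
        while True:
            try:
                name, value, _ = winreg.EnumValue(key, index)
            except OSError:
                break  # no more values
            entries.append((name, str(value)))
            index += 1
    return entries


# Constructed sample data: one benign system entry, one benign per-user
# application, and one entry shaped like the persistence the article describes.
SAMPLE_RUN_ENTRIES = [
    ("SecurityHealth", r"%windir%\system32\SecurityHealthSystray.exe"),
    ("Spotify", r'"C:\Users\alice\AppData\Roaming\Spotify\Spotify.exe" --autostart'),
    ("igfxCUIService", r'"C:\Users\alice\AppData\Roaming\igfxCUIService.exe"'),
]
SAMPLE_FILES = [
    r"C:\Users\alice\AppData\Roaming\microsoft_Windows.dll",
    r"C:\Windows\System32\kernel32.dll",
]

if __name__ == "__main__":
    entries = read_live_run_entries() or SAMPLE_RUN_ENTRIES
    for finding in audit_run_entries(entries):
        print(f"[Run] {finding.value_name}: {finding.image_path} -> {finding.reason}")
    for path in find_recon_artifacts(SAMPLE_FILES):
        print(f"[File] {path} -> name matches SysJoker recon output file")
```

Running it on a Windows host audits the real HKCU Run key; on any other platform it falls back to the constructed sample, which produces exactly one Run-key finding and one file finding. A name match is a starting point for triage, not proof of infection: confirm by checking the file’s signature, its creation time, and whether the same binary has already been reported to your AV vendor.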

None of the major AV programs can detect SysJoker at present. Given that it can infect Windows, Mac and Linux systems, this is one to keep a watchful eye out for.

Report Says PC Sales Went Up Ten Percent In 2021

According to Gartner’s latest statistics, a total of 339.8 million personal computers were shipped in 2021. That was up from 309.1 million in 2020, which amounts to about 10 percent growth in the market.

The company noted that the fourth quarter of 2021 saw a 5 percent drop compared to the same quarter a year earlier, which may signal the end of the pandemic-fueled growth in sales.

Lenovo has been top of the charts among PC makers in recent years, and it was once again in the top spot, accounting for nearly a quarter (24.7 percent) of PCs shipped in the year that just ended. HP was not far behind with a 21.8 percent share, or 74.2 million units shipped. Dell rounded out the top three with 17.6 percent of the market and 59.7 million PCs shipped.

Apple was at the top of the second tier with a 7.6 percent share of the market, shipping 24.3 million units. Acer and Asus rounded out the top six.

The interesting thing about the Gartner analysis is that it stands in stark contrast to rival Canalys’ projection that 2022 will be another year of record PC sales.

As Gartner sees it, the pandemic fueled a one-off, not-to-be-repeated surge in demand, and the firm points specifically to the fourth-quarter figures as a sign that demand is slowing.

Canalys sees it differently and cites supply chain issues as the main driver behind the fourth-quarter slowdown. Canalys insists that demand will remain strong throughout the new year.

Both companies have a very good record when it comes to predicting market moves, but only one of them can be right. All we can say is that we currently don’t have enough data to know for sure. Whichever way it shakes out, though, 2022 is bound to be another interesting year.