“Hacking the Unhackables” | Apple OS Suffers its 18th Cyber Infection in 2023 & Google & Microsoft Forced to Patch Chrome, Edge, Teams, Skype, etc. | How Many People Worldwide Got “Cyber Spy Targeted” is still Unknown.


For the 18th time in 2023, Apple was forced to release an emergency security updates to patch a new zero-day security flaw exploited in attacks targeting iPhone and iPad users worldwide. Google & Microsoft were also forced to patch their services.

The libvpx bug forced Google to patch its Chrome web browser and Microsoft its Edge, Teams, and Skype products.

Due to the gravity of this matter, MLi Group chairman and Survivability News Publisher Mr. Khaled Fattal weighed in by saying: 

“This is critically serious. Top business and political decision makers need to wake up to this new reality and start thinking differently about risk mitigation strategically and operationally.”

Fattal added, “Cyber Spy Targeting” is what at the MLi Group have labeled the practice of creating such exploits for the purpose of spying on people. This is a direct threat to democracy, human dignity and their values.

Survivability News Aug 3, 2021 post about Pegasus Spyware. Click on Image to read the story.

In an advisory issued on Wednesday, Apple said, “Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6,

A senior MLi Group Geo-Poli-Cyber™ expert said, “In simple English this means that hackers became able to hack into Apple, Google and Microsoft devises and services and do whatever they wish as if they are the account holder themselves.”  The expert added, “Bank accounts, content in messaging apps like WhatsApp, Messenger and others became accessible and readable as easy as eating cake.”   

By July 2023, Apple had suffered its 10th Zero-Day Exploit. Click on image to read.

Fattal continued saying, ” ‘Cyber Spy Targeting’ is often perpetrated by national governments, security agencies (and/or their proxies), cyber criminals and cyber terrorist, amongst others.”

“It is often aimed at journalists, political opponents and activists. We usually see a rise in this during election periods to target ordinary citizens to design “Purposed Disinformation” social media and political campaigns to sway citizens to vote one way or another.” Fattal emphasized and concluded.

Citizen Lab disclosed two other zero-days (CVE-2023-41061 and CVE-2023-41064)—fixed by Apple last month—abused as part of a zero-click exploit chain (dubbed BLASTPASS) to infect fully patched iPhones with NSO Group’s Pegasus spyware.

The Technical Stuff.

The zero-day (CVE-2023-42824) is caused by a weakness discovered in the XNU kernel that enables local attackers to escalate privileges on unpatched iPhones and iPads.

While Apple said it addressed the security issue in iOS 17.0.3 and iPadOS 17.0.3 with improved checks, it has yet to reveal who found and reported the flaw.

The list of impacted devices is quite extensive, and it includes:

iPhone XS and later
iPad Pro 12.9-inch 2nd generation and later,
iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later,
iPad 6th generation and later,
iPad mini 5th generation and later

Apple also addressed a zero-day tracked as CVE-2023-5217 and caused by a heap buffer overflow weakness in the VP8 encoding of the open-source libvpx video codec library, which could allow arbitrary code execution following successful exploitation.

The libvpx bug was previously patched by Google in the Chrome web browser and by Microsoft in its Edge, Teams, and Skype products.

CVE-2023-5217 was discovered by security researcher Clément Lecigne who is part of Google’s Threat Analysis Group (TAG), a team of security experts known for often finding zero-days abused in government-backed targeted spyware attacks targeting high-risk individuals.

17 zero-days exploited in attacks fixed this year
CVE-2023-42824 is the 17th zero-day vulnerability exploited in attacks that Apple has fixed since the start of the year.

Apple also recently patched three other zero-day bugs (CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993) reported by Citizen Lab and Google TAG researchers and exploited in spyware attacks to install Cytrox’s Predator spyware.

Citizen Lab disclosed two other zero-days (CVE-2023-41061 and CVE-2023-41064)—fixed by Apple last month—abused as part of a zero-click exploit chain (dubbed BLASTPASS) to infect fully patched iPhones with NSO Group’s Pegasus spyware.

two zero-days (CVE-2023-37450 and CVE-2023-38606) in July
three zero-days (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439) in June
three more zero-days (CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373) in May
two zero-days (CVE-2023-28206 and CVE-2023-28205) in April
and another WebKit zero-day (CVE-2023-23529) in February
Today’s iOS 17.0.3 release also addresses a known issue causing iPhones running iOS 17.0.2 and lower to overheat.

“This update provides important bug fixes, security updates, and addresses an issue that may cause iPhone to run warmer than expected,” Apple said.


Leave A Reply

Your email address will not be published.

one × three =

What Are Geo-Poli-Cyber™ Risks?

What Is Geo-Poli-Cyber™?

MLi Group created the terms Poli-Cyber™ and Geo-Poli-Cyber™ (GPC™) in 2012 and 2013 based on the philosophy that if you cannot identify and name the threat, you cannot mitigate that threat.

Geo-Poli-Cyber™ attacks are political, ideological, terrorist, extremist, ‘religious’, and/or geo-politically motivated.

More Sinister Than Financial Motivations

Geo-Poli-Cyber™ attacks are significantly different from financially motivated cyber-attacks in damage, scale, magnitude as well as in risk mitigation strategies and solutions.

Click to read more