The Ministry of Industry and Information Technology of China issues a warning about timely updates of specific iOS versions to prevent vulnerability exploitation.

BlockBeats message. On April 3, China’s Ministry of Industry and Information Technology Network Security Threats and Vulnerabilities Information Sharing Platform (NVDB) monitoring found that attackers are using an exploit tool targeting Apple’s endpoint products to carry out network attack activities, which can lead to severe harms such as information theft and system takeover. The affected scope includes Apple endpoint products such as iPhones and iPads running iOS 13.0 through 17.2.1.

Attackers lure users into using the Safari browser to visit webpages containing malicious code by means such as SMS, email, or web poisoning. By holistically leveraging security vulnerabilities present on the terminal devices, they implant a remote control Trojan horse into the compromised endpoint products, steal users’ sensitive information, obtain the highest privileges, and take control.

Users of Apple endpoint products are advised to conduct thorough risk checks and repair the vulnerabilities as soon as possible by upgrading to newer versions and installing patches. Pay attention to system update notifications and the latest security update announcements released by Apple, upgrade to the latest security version in a timely manner, strengthen security awareness, avoid clicking on unknown links, and guard against the risk of network attacks.