Skip to main content

iOS 17.4 includes 4 important security fixes, 2 were exploited [U]

Regain clarity with CleanMyPhone by MacPaw — the new AI-powered cleaning app that quickly identifies and removes blurred images, screenshots, and other clutter from your device. Download it now with a free trial.


iOS 17.4 is here for all users and comes with lots of changes including new emoji, a CarPlay update, EU App Store changes, quantum security for iMessage, and more. However, there are also important security fixes with the release. Here are all the details.


Update 3/7/24: Apple has updated the list of security fixes for iOS 17.4 pushing it from 4 to over 40 patches.


Just after launching iOS 17.4 for all users today, Apple shared the specifics of the important security fixes on its website.

2 reportedly exploited flaws patched and more

  • A kernel flaw was patched that allowed attackers to “bypass kernel memory protections.”
    • Apple is aware of a report this flaw was actively exploited
  • An RTKit flaw also allowed malicious parties to “bypass kernel memory protections.”
    • Apple is aware of a report this flaw was actively exploited

The remaining two flaws were for Accessibility which allowed an app to “read sensitive location information and Safari Private Browsing which may have shown locked tabs as visible for a short time.

Here are the full security release notes:


Additional CVE entries coming soon.

Accessibility

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to read sensitive location information

Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-23243: Cristian Dinca of “Tudor Vianu” National High School of Computer Science, Romania

Kernel

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

Description: A memory corruption issue was addressed with improved validation.

CVE-2024-23225

RTKit

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

Description: A memory corruption issue was addressed with improved validation.

CVE-2024-23296

Safari Private Browsing

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: A user’s locked tabs may be briefly visible while switching tab groups when Locked Private Browsing is enabled

Description: A logic issue was addressed with improved state management.

CVE-2024-23256: Om Kothawade


Additional recognition

AirDrop

We would like to acknowledge Cristian Dinca of “Tudor Vianu” National High School of Computer Science, Romania for their assistance.

Mail Conversation View

We would like to acknowledge an anonymous researcher for their assistance.

NetworkExtension

We would like to acknowledge Mathy Vanhoef (KU Leuven University) for their assistance.

Settings

We would like to acknowledge Christian Scalese, Logan Ramgoon, Lucas Monteiro, Daniel Monteiro, Felipe Monteiro, and Peter Watthey for their assistance.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Michael Potuck Michael Potuck

Michael is an editor for 9to5Mac. Since joining in 2016 he has written more than 3,000 articles including breaking news, reviews, and detailed comparisons and tutorials.


Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications