China’s MIIT issues an iOS vulnerability risk alert, affecting iOS versions 13 through 17.2.1

Gate News update. On April 3, China’s Ministry of Industry and Information Technology (MIIT) Network Security Threats and Vulnerability Information Sharing Platform (NVDB) monitoring found that attackers used an exploit tool targeting Apple’s endpoint products to carry out network attack activities, which could lead to serious harms such as information theft and system takeover. The affected scope includes Apple endpoint products such as iPhones and iPads running iOS 13 through 17.2.1. The attackers used methods such as SMS, email, or web poisoning to prompt users to use the Safari browser to visit web pages containing malicious code. By making comprehensive use of security vulnerabilities present in the endpoint devices, they implanted a remote control Trojan into the victim endpoint products, stole users’ sensitive information, gained the highest privileges, and carried out control. MIIT advises users of Apple endpoint products to conduct risk checks, fix vulnerabilities as soon as possible by upgrading to newer versions and installing patches, pay attention to system update notifications and the latest security update announcements issued by Apple, upgrade to the latest secure versions in a timely manner, strengthen security awareness when using devices, avoid clicking on unknown links, and prevent the risk of network attacks.