Apple has patched 10 vulnerabilities in iOS, including a pair of bugs that allowed arbitrary code execution and one that enables an attacker to run random binaries on a target device.
The patches come in iOS 8.1.1, a small update to the company’s mobile operating system. There are several serious vulnerabilities fixed in this release, including the code-execution flaws. But it does not appear that Apple has included a patch for the vulnerability used by the WireLurker malware. That flaw enables an attacker to switch a legitimate app for a malicious one, with no indication to the user. The WireLurker malware was exploiting this vulnerability when an iOS device was connected to an infected Windows or Mac computer.
Researchers at FireEye said that the vulnerability was reported to Apple in July.
As for the patches that were included in iOS 8.1.1, the most serious of them is a kernel flaw that could lead to arbitrary code execution.
“A validation issue existed in the handling of certain metadata fields of IOSharedDataQueue objects. This issue was addressed through relocation of the metadata,” the Apple advisory says.
There also were several memory corruption bugs in the WebKit framework that could lead to arbitrary code execution or unexpected application termination. The other interesting vulnerability is a problem with the sandbox profiles in iOS that could let a malicious app run arbitrary binaries.
“A permissions issue existed with the debugging functionality for iOS that allowed the spawning of applications on trusted devices that were not being debugged. This was addressed by changes to debugserver’s sandbox,” Apple’s advisory says.
