
DSN: iOS Update 9.2.1

Overview

All Operating System (OS) patches are important, but this one fixes a serious vulnerability that has existed in Apple's mobile products for around 18 months. Researchers at Skycure discovered a vulnerability in iOS that allowed captive portals to read and/or write cookies on the device. This means that attacker-owned malicious Wi-Fi networks could be used to steal credentials, direct users to malicious sites, hijack user sessions, and more. The patch in iOS 9.2.1 isolates the captive portal cookie store from the normal web cookie store to prevent these types of attacks.

Vulnerabilities patched in 9.2.1

  • WebSheet vulnerability that allowed cookies to be stolen by captive portal devices
  • Multiple WebKit vulnerabilities that allowed arbitrary code execution when a user visited a maliciously crafted website
  • Various local kernel privilege escalation vulnerabilities in Disk Images, IOHIDFamily, IOKit, and libxslt

Mitigation

Install iOS version 9.2.1 on all Apple mobile devices as soon as possible.
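
To confirm the mitigation across a fleet, the following added example (not part of the original advisory) audits a device inventory for iOS versions below 9.2.1. The CSV layout, column names and device names are constructed assumptions, not the export format of any particular MDM product.

```python
import csv
import io

PATCHED = (9, 2, 1)  # iOS release this advisory says to install

# Constructed sample inventory; columns and values are assumptions for illustration.
# "9.10" is a made-up version included to show why string comparison is unsafe.
SAMPLE_INVENTORY = """device,platform,os_version
ipad-frontdesk,iOS,9.2
iphone-sales-01,iOS,9.2.1
iphone-sales-02,iOS,8.4.1
iphone-exec-03,iOS,10.0
ipod-kiosk,iOS,9.10
macbook-dev-07,OS X,10.11.3
iphone-lab-09,iOS,unknown
"""

def parse_version(text):
    """Turn '9.2' into (9, 2, 0); return None if it is not 1-3 dotted numbers."""
    parts = text.strip().split(".")
    if len(parts) > 3 or not all(p.isdecimal() for p in parts):
        return None
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))

def audit(inventory_csv, patched=PATCHED):
    """Return (needs_update, unverified) lists of device names for iOS rows."""
    needs_update, unverified = [], []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["platform"].strip().lower() != "ios":
            continue  # the advisory only concerns iOS devices
        version = parse_version(row["os_version"])
        if version is None:
            unverified.append(row["device"])  # unknown version: follow up manually
        elif version < patched:  # numeric tuple comparison, so 9.10 > 9.2.1
            needs_update.append(row["device"])
    return needs_update, unverified

if __name__ == "__main__":
    outdated, unknown = audit(SAMPLE_INVENTORY)
    print("Below 9.2.1:", ", ".join(outdated))
    print("Version not verifiable:", ", ".join(unknown))
```

Devices with an unparseable version are reported separately rather than assumed patched.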


Additional Information

https://support.apple.com/en-us/HT205732

https://threatpost.com/apple-fixes-cookie-theft-bug-in-ios-9-2-1/115970/
