Blockchain cybersecurity firm CertiK has reportedly been instrumental in exposing critical security vulnerabilities in the latest update to Apple’s iPhone operating system (iOS).
CertiK’s contributions explicitly addressed two vulnerabilities in Apple’s iOS kernel that were confirmed to affect the latest iOS devices. According to Apple’s official security update pageotherwise, these vulnerabilities would have allowed an app to execute arbitrary code with kernel privileges.
If exploited, the vulnerability that “allows an app to execute arbitrary code with kernel privileges” could allow a high-level rogue application to gain access to the core or kernel of the system. This level of access allows the offending app to bypass security measures, manipulate system data, or even take control of the device.
In the worst case, this can lead to the theft of sensitive data, including personal information, financial data or company information. It can also allow the app to install malicious software, corrupt the system’s software, interfere with its operation, or use the device to launch attacks against other systems.
The consequences would be especially concerning for devices that handle sensitive data or transactions, such as cryptocurrency wallets. Therefore, discovering and patching such vulnerabilities is critical to maintaining a device’s security integrity, protecting user data, and ensuring smooth operation.
Role of web3 in web2.
This achievement underscores how blockchain developers and security analysts are now making a vital contribution to improving the security of web2 companies like Apple.
In an era where an increasing number of individuals worldwide rely on their smartphones for cryptocurrency wallets and other security-conscious applications, the devices must be resistant to security threats.
Certik stated that this latest discovery highlights the value of in-depth security research and proactive threat identification in web3 and emphasizes the importance of comprehensive, multi-layered security, stretching “from the application layer to the kernel layer”.
Thus, Apple’s recognition is indicative of the increasing symbiosis between web2 and web3 companies, demonstrating that the expertise within the crypto world can provide benefits beyond the immediate domain and contribute to a broader digital security landscape.
CertiK makes it possible for 4,000 enterprise clients and has secured more than $360 billion in digital assets, detecting nearly 70,000 vulnerabilities in blockchain code.