Apple Security Flaw Being Actively Exploited

Apple users are being warned to immediately update their iPhones, iPads and Macs, due to a couple of security vulnerabilities that can allow hackers to seize control of their devices.

And to make matters worse, Apple on a security update website said it is “aware of a report that this issue may have been actively exploited.” It credited an unnamed research for disclosing both flaws to it.

The good news is that the firm has released a security update that closes the vulnerabilities for the affected models.

Security flaw

Apple users are advised to download and install the latest version of iOS and iPadOS (15.6.1), and update their macOS as well to 12.5.1.

“For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available,” the firm stated.

The vulnerabilities that have now been patched concern the Kernel, and WebKit (part of the Safari web browser).

So what models are impacted?

Well it seems that iPhones dating back to the 6S model, iPad 5th generation and later, iPad Air 2 and later, iPad mini 4 and later, all iPad Pro models and the 7th generation iPod touch are impacted.

The vulnerabilities are so serious they give hackers the ability to take control of a device’s operating system to “execute arbitrary code” and potentially infiltrate devices through “maliciously crafted web content.”

The vulnerability also extends to Mac computers running the company’s Monterey OS as well as Apple’s Safari browser on its Big Sur and Catalina operating systems, Apple has noted.

Users are advised to go to their settings menu and select ‘software update’ or ‘about this mac’, to see what version of OS they are running.

CISA – ‘update now’

The patch from Apple has led the US cyber security government agency to warn people to update now.

“Apple has released security updates to address vulnerabilities in macOS Monterey, iOS and iPadOS, and Safari,” said CISA. “An attacker could exploit one of these vulnerabilities to take control of an affected device.

“CISA encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible,” it added.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Nvidia Introduces Next-Generation ‘Blackwell’ AI Chips

Nvidia introduces next-generation AI accelerator chips at GCT 2024 developer conference amidst surge in demand

18 mins ago

Apple In Talks With Google To Bring Gemini AI To iPhones

Apple reportedly in talks with Google to use Gemini for generative AI tasks on iPhones…

48 mins ago

US Senators Voice Support For TikTok Bill

Some US senators say they support bill that could result in TikTok ban, while US…

1 hour ago

Government Wants Flying Taxis In Operation By 2028

Flying taxis could become reality in UK in next four years under new government action…

2 hours ago

SpaceX ‘Developing Spy Satellites’ For US Agency

SpaceX reportedly developing network of hundreds of low-orbit spy satellites for US intelligence agency under…

2 hours ago

Uber To Pay £149m In Settlement With Australian Taxi Drivers

Uber to pay £149m in settlement with Australian taxi drivers who alleged it used illegal…

3 hours ago