Apple reveals a security flaw that potentially gives hackers complete control of iPhones, iPads & Macs. Security professionals advise users of the iPhone 6S and subsequent versions, iPad models starting with the 5th generation and after, the iPad Pro product lines, the iPad Air 2, and Mac computers running MacOS Monterey to upgrade the affected devices. A number of iPod models are also affected.
Owners of Apple products should be aware that there have been significant weaknesses in guaranteeing the security of the company’s product ecosystem. Apple has addressed serious security weaknesses that might allow attackers to take complete control of iPhones, iPads, and Macs.
According to the company’s news release, the California-based giant is “aware of a report that this issue may have been actively exploited.” Apple posted two security bulletins regarding the problem.
The WebKit browser engine, which powers Safari and other apps, as well as the kernel, the operating system’s functional hub, were also found to be susceptible, the company claims. The two issues affect all versions of iOS, iPadOS, and macOS Monterey.
Although the second vulnerability enabled a malicious application to “execute arbitrary code with kernel privileges,” giving the attacker complete control of the device, Apple stated that the WebKit vulnerability could be abused if a susceptible device accessed or processed “maliciously crafted web content [that] may lead to arbitrary code execution.”
According to reports, the two vulnerabilities are related.
Some effective exploits, notably infamous nation-state malware like Pegasus, use two or more flaws in order to get past a device’s protections. Attackers commonly employ a browser weakness on the target device as a source of entry into the operating system, giving them complete access to the user’s confidential data.