Apple has disclosed serious security vulnerabilities for iPhones, iPads and Macs, which could potentially allow attackers to take complete control of devices.
Apple added that it is “aware of a report that this issue may have been actively exploited”.
Security experts have advised users to urgently update affected devices – the iPhone 6S and later models, newer iPads, and Mac computers running macOS Monterey.
Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs.
Zero-day vulnerabilities are security flaws known by attackers or researchers before the software vendor has become aware or been able to patch them. In many cases, zero-days have public proof-of-concept exploits or are actively exploited in attacks. The two vulnerabilities are the same for all three operating systems, with the first tracked as CVE-2022-32894. This vulnerability is an out-of-bounds write vulnerability in the operating system’s Kernel.
The kernel is a program that operates as the core component of an operating system and has the highest privileges in macOS, iPadOS, and iOS.
An application, such as malware, can use this vulnerability to execute code with Kernel privileges. As this is the highest privilege level, a process would be able to perform any command on the device, effectively taking complete control over it.
To download the latest security patch & learn more, visit – https://support.apple.com/en-us/HT201222