Apple has shared serious security vulnerabilities for iPhones, iPads and Macs that could potentially allow attackers to take complete control of these devices.
The company said it is “aware of a report that this issue may have been actively exploited”.
Contents
How it works
Apple explains that due to the vulnerability a hacker could get “full admin access” to the device.
This would allow miscreants to impersonate the device’s owner and subsequently run any software in their name.
Affected models
Users are advised to update affected devices —
- iPhone6S and later models
- Several models of the iPad, including the 5th generation and later
- All iPad Pro models
- iPad Air 2
- Mac computers running MacOS Monterey.
The flaw also affects some iPod models.
Those who must be careful
Rachel Tobac, CEO of SocialProof Security said that those who should be particularly vigilant are those in the public eye such as activists or journalists who might be the targets of sophisticated nation-state spying.
Commercial spyware companies such as Israel’s NSO Group are known for identifying and taking advantage of such flaws.
They then exploit them using malware that inconspicuously infects targets’ smartphones, takes over their contents and spy on the targets in real time.
It is known to have used the spyware in Europe, the Middle East, Africa and Latin America against journalists, dissidents and human rights activists.
Fixing through software updates
Apple released surprise software updates for iPhones, iPads and Macs on Wednesday that fix two of the vulnerabilities found to be actively exploited by attackers.
It is sized 243.4 MB and is called iOS 15.6.1.
[…] petition also noted that the Apple leadership is ignorant of the unique demands of each job role and the diversity of […]