Apple is urging its hundreds of millions of customers, those owning iPhones, iPads, or Mac computers, to update their devices because of a major security flaw.
Apple posted on its support page today that the flaw permits a malicious application to “be able to execute arbitrary code with Kernel privileges,” which could mean full access for anyone to the Apple user’s device.
“It’s very rare for them to go public like this, which means everyone should take this threat seriously and update as soon as they are able,” Brian Higgins, security specialist at Comparitech, asserted, according to The Scotsman. “If Apple thinks it’s so serious that they need to go public, then if you haven’t already installed iOS 15.6.1, you need to go and do it right now.”
The capacity to have full access is “a dream for anyone who is looking to get into your phone for surveillance,” stated Joe Tidy, a cyber reporter for BBC News, The Daily Mail reported. He added that it was “a very clever vulnerability that hackers have potentially discovered. … On paper, this is a very serious situation for millions, billions of Apple users out there who have got this potential vulnerability.”
“Apple has released security updates to address vulnerabilities in macOS Monterey, iOS and iPadOS, and Safari,” the U.S. Government’s Cybersecurity and Infrastructure Security Agency wrote. “An attacker could exploit one of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible.”
Tidy said that a “white hat hacker,” meaning an ethical hacker, had discovered the flaw.
Sam Curry, the chief security officer at Cybereason, cautioned, “Regardless of Apple’s recent disclosure of a serious vulnerability affecting millions of iPhones, iPads, and Macs, it wouldn’t be prudent for anyone to panic. … While the vulnerability could allow threat actors to take full control of a device, stay calm and simply get control of your devices and download the software updates available from Apple. Do that and move on. In a rare case, we will find out how threat actors were able to exploit the current vulnerabilities.”
Andy Norton, chief cyber risk officer at Armis, told The Daily Mail: “This clearly has wide-reaching implications. Apple products have become a mainstay of everyday life, including facial recognition, banking apps, and health data. Pretty much everything we hold dear resides on our Apple products. Historically, many people have not updated their Apple products for fear of shortening the lifespan of their devices. That behavior now must change.”
Devices affected by the security flaw include iPhone (6S and later), iPad Pro, iPad Air (2 and later), iPad (5th generation and later), iPad Mini (4 and later), iPod Touch (7th generation), and Mac computers (on macOS Monterey, 12.5.1)
If you have questions or comments, please post below or contact us for more information or help with this issue.