Don’t Wait to Update: Apple Security Vulnerabilities

By: Bill Walter

Apple released an emergency software update, iOS 15.6.1, in response to security vulnerabilities in certain versions of their devices, including iPhones, iPads and Mac computers. The vulnerabilities would open the opportunity for a hacker to have full control of these devices.

This information was disclosed in the software update Apple published to fix the issue and safeguard these products against potential threats.

Below, we’ll give you the details on this threat and why it’s essential that you stay alert to software updates to keep your devices and information protected.

Devices at Risk

The following Apple devices are affected and require an update to solve the issue.

  • iPhone 6 and later models
  • iPad models, including the 5th generation and later, all iPad Pro models and the iPad Air 2
  • Mac computers running MacOS Monterey
  • iPod Touch 7th generation models

If you use any of the affected devices, please run the update to protect yourself against a potential threat. You can read about the content in the security update iOS 15.6.1 and iPadOS 15.6.1 here.

What Caused the Vulnerabilities?

There were two main problems at play. One of the issues involved the opportunity for an application to execute arbitrary code with kernel privileges. Arbitrary code execution (ACE) is when an attacker runs any code or command they choose on a targeted device or device process. Kernel privileges allow unrestricted access to the core of the code in an operating system (in this case, iOS). Apple was notified that this issue may have been actively exploited.

The other issue was in WebKit, a browser engine used to render web pages for applications like Safari, Mail, App Store and many others. Apple noted that the vulnerability pertained to the processing of malicious web content in WebKit that could facilitate ACE.

With access to the operating system and the ability to execute arbitrary code, an attacker would have everything they need to take control of your device. Thankfully, Apple identified these vulnerabilities and released iOS 15.6.1 and iPadOS 15.6.1 with the fixes.

Stay On Top of Software Updates

No matter what devices you rely on, you need to make sure that they are updated with the latest security features, like patches, to protect against threats. Hackers are constantly finding new ways to profit from accessing and gaining control of your technology and sensitive information. In an effort to stay ahead of new threats, technology companies provide updates containing enhanced features and layers of protection to ensure your devices are secure.

So, why leave yourself exposed? Run these updates when they become available and before it’s too late. It’s a simple way to save you the headache and financial burden of falling victim to an attack.

Get Ahead of the Next Threat

These vulnerabilities and the emergency software update serve as reminders that you must stay vigilant and prioritize updating your devices.

For more information on best practices, download our cyber security guide for businesses and explore these resources from our blog:

Need Help?

Our Technology Solutions Group includes a team of cyber security experts. We’re happy to meet with you for a cyber security risk assessment of your organization’s IT infrastructure. Or, you can contact us online or call 410.685.5512 with any questions.

 

Published August 23, 2022

Webinar Recording

Cyber Security Wake-Up Call: What’s Putting Your Organization At Risk?

Cyber Security Wake-Up Call Screen Play

Don’t Become a Cyber Security Horror Story This October

It’s October again, which means it’s Cyber Security Awareness Month — and the cyber security landscape couldn’t be...

Ransomcloud: The Next Frontier In Cyber Security Threats

In the rapidly evolving landscape of cyber security, a new kind of threat has emerged that targets cloud services and...