New Delhi: Apple has released new software updates for iPhones, iPads and Macs to close two vulnerabilities known to be actively exploited by attackers. The two vulnerabilities were found in WebKit, the browser engine that powers Safari and other apps, and in the kernel, essentially the core of the operating system.
The two bugs affect iOS, iPadOS, and macOS Monterey, reports TechCrunch. The tech giant said the WebKit flaw could be exploited when a vulnerable device accesses or processes “maliciously crafted web content (which) could lead to arbitrary code execution”. (Also read: Shiprocket Raises $33.5 Million, Becomes India’s 106th Unicorn)
While the second flaw allowed a malicious application to “execute arbitrary code with kernel privileges”, meaning full access to the device. The two shortcomings are believed to be related, the report said. Some successful exploits, such as B. powerful nation-state spyware, use two or more vulnerabilities in conjunction to breach the protection layers of a device. (Also read: PNB Customer Warning! Do this by August 31st or face…)
It is not uncommon for attackers to first target a vulnerability in the device’s browser in order to penetrate the broader operating system and grant the attacker broad access to the user’s sensitive data.
Apple said iPhone 6s models and later, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) and all iPad Pro models are affected.