Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Daily Mirror
Daily Mirror
National
Tim Hanlon

Apple security update: Firm warns of serious flaw for iPhones, iPads and Macs

Apple has admitted that its iPhones, iPads and Macs have serious security vulnerabilities which could allow hackers to take over the devices.

The company has published two security reports over the flaws but it did not give specifics about how many people will have been affected.

People have been advised by experts to update their devices if they have models from the iPhone 6S onwards as well as newer iPads and Macs that run macOS Monterey.

Apple has also reportedly stated it was “aware of a report that this issue may have been actively exploited”.

On its website it says: "For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

Apple has published two security reports over the flaws (Gado via Getty Images)

"Apple security documents reference vulnerabilities by CVE-ID when possible. For more information about security, see the Apple Product Security page."

Referring specifically to the security flaws regarding macOS Monterey 12.5.1 it states: "Kernel. Available for: macOS Monterey. Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32894: an anonymous researcher.

"WebKit. Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. WebKit Bugzilla: 243557. CVE-2022-32893: an anonymous researcher."

Apple has also stated it was “aware of a report that this issue may have been actively exploited” (SOPA Images/LightRocket via Getty Images)

TechCrunch has said that possibly being "able to execute arbitrary code with kernel privileges" refers to having full access to the device while a WebKit bug could happen if a device accessed "maliciously crafted web content (that) may lead to arbitrary code execution".

While Rachel Tobac, CEO of SocialProof Security, said that Apple’s description of the security vulnerabilities means a hacker could get “full admin access to the device” and “execute any code as if they are you, the user".

The Mirror has contacted Apple for comment.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.