Potential Security Vulnerabilities Prompt Apple to Issue Software Updates for iPhones, Other Devices

Potential Security Vulnerabilities Prompt Apple to Issue Software Updates for iPhones, Other Devices
The Apple Inc. logo hanging at the entrance to the Apple store on 5th Avenue in the Manhattan borough of New York City on Oct. 16, 2019. Mike Segar/Reuters
Katabella Roberts
Updated:
0:00

Apple Inc. released a new software update this week after revealing serious security vulnerabilities for iPhones, iPads, and computers that could enable hackers to take control of millions of people’s devices.

According to the tech giant, the two vulnerabilities affect iOS, iPadOS, and macOS Monterey, specifically iPhones dating back to the 6S model, iPads 5th generation and later, the iPad Air 2 and later, the iPad mini 4 and later, all iPad Pro models, and the 7th generation iPod touch.

In security updates issued on Aug. 17 and Aug. 18, the company said it was “aware of a report that this issue may have been actively exploited” and advised owners of the impacted Apple devices to immediately update them to protect against the vulnerabilities.

The issues were found in WebKit, the browser engine that powers Apple’s Safari web browser along with other apps, and Kernel, the software system that is effectively the core of the operating system.

These vulnerabilities give hackers the ability to take control of a device’s operating system to “execute arbitrary code” and potentially infiltrate devices through “maliciously crafted web content,” according to Apple.

The company did not provide further details about how the vulnerabilities were discovered except to credit “an anonymous researcher” for alerting the company.

Update Devices Immediately

Rachel Tobac, CEO of SocialProof Security, said on Twitter that the vulnerabilities mean attackers could potentially have full administrative access to the devices. Tobac urged Apple device holders who are journalists, activists, or those “targeted by nation states” to update their devices immediately.
The U.S. Cybersecurity and Infrastructure Security Agency issued its own warning as well.

Apple says that for the protection of its customers, it does not “disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are generally available.”

The company has yet to make an official statement about the security issues aside from the software update posted to the website.

In an interview with MailOnline, Andy Norton, chief cyber risk officer at cybersecurity company Armis, told MailOnline that the security vulnerabilities could have “wide-reaching implications” due to the widespread use of Apple products in everyday life.

“Historically, many people have not updated their Apple products for fear of shortening the lifespan of their devices,” Norton said. “That behavior now must change.”

However, Joe Tidy, a cyber reporter for BBC News, said on Twitter that while the security flaws are serious, they’re not “sky is falling” serious, noting that Apple frequently issues similar updates in the past, such as when the company issued a similar security update in March and asked users to update their devices.

The Epoch Times has contacted an Apple spokesperson for comment.

In the meantime, Apple is asking users of the impacted devices to go to the “settings” section of their devices and select “software update.”

Katabella Roberts
Katabella Roberts
Author
Katabella Roberts is a news writer for The Epoch Times, focusing primarily on the United States, world, and business news.
Related Topics