For iPhones, iPads, and Macs, Apple exposed critical security flaws that may possibly let attackers seize total control of these devices.
According to The Associated Press (AP), Apple released two security bulletins on the problem on Wednesday, but they didn’t draw much notice outside of tech journals.
Apple’s explanation of the vulnerability means a hacker could get “full http://www.businesstoday.me/wp-content/uploads/2022/12/sample10.jpg access” to the device. That would allow intruders to impersonate the device’s owner and subsequently run any software in their name, said Rachel Tobac, CEO of SocialProof Security.
Security experts have advised users to update affected devices — the iPhone6S and later models; several models of the iPad, including the 5th generation and later, all iPad Pro models and the iPad Air 2; and Mac computers running MacOS Monterey. The flaw also affects some iPod models.
Apple did not say in the reports how, where or by whom the vulnerabilities were discovered. In all cases, it cited an anonymous researcher.
Commercial spyware organizations like Israel’s NSO Group are renowned for spotting and exploiting these weaknesses in malware that covertly infects targets’ smartphones, siphons their information, and continuously monitors the targets.
NSO Group has been blacklisted by the U.S. Commerce Department. Its spyware is known to have been used in Europe, the Middle East, Africa and Latin America against journalists, dissidents and human rights activists.
Security researcher Will Strafach said he had seen no technical analysis of the vulnerabilities that Apple has just patched. The company has previously acknowledged similarly serious flaws and, in what Strafach estimated to be perhaps a dozen occasions, has noted that it was aware of reports that such security holes had been exploited.