Apple fills vulnerabilities with software updates

Updated on 08/22/2022 at 12:20 PM

Cupertino (dpa) – Through a series of software updates for its devices, Apple has closed two security vulnerabilities that may have already been exploited. One of the weaknesses was Apple’s WebKit software, which is used to display content in web browsers. Apple explained that custom sites can use the gap to run any code.

“Simply put, a cybercriminal can put malware on your device just by looking at a harmless website,” IT security firm Sophos warned Thursday.

iPhones and iPads are particularly affected

Through this weakness she was Iphone And the IPAD More Threatening Than Mac Computers: Because all browsers run on mobile devices with WebKit, not just the built-in Safari. The second vulnerability was in the so-called kernel, the central part of the operating system. Sophos asserted that an attacker who had already gained access to the device could use it to access all kinds of data.

Such vulnerabilities are very valuable and are usually exploited in a targeted manner by secret services and monitoring software developers. Pegasus from Israeli spyware company NSO, which also exploited vulnerabilities on Apple devices, is well known.

Apple has cited information from an anonymous researcher about the vulnerabilities that have now been patched. Like other companies, the iPhone group gives rewards for information about discovered vulnerabilities. In recent years, Apple has repeatedly announced security vulnerabilities when releasing updates.

With software updates, users have to become active in order to install them. The current operating system versions are iOS 15.6.1 for iPhone, iPadOS 15.6.1 for tablets, and macOS Monterey 12.5.1 for Apple computers.

© dpa-infocom, dpa: 220819-99-444531 / 5
© dpa