https://sputnikglobe.com/20220819/apple-reveals-security-flaw-that-potentially-gives-hackers-complete-control-of-iphones-ipads--macs-1099745330.html
Apple Reveals Security Flaw That Potentially Gives Hackers Complete Control of iPhones, iPads & Macs
Apple Reveals Security Flaw That Potentially Gives Hackers Complete Control of iPhones, iPads & Macs
Sputnik International
Users of the iPhone 6S and newer models, the iPad models starting with the 5th generation and later, the iPad Pro product lines, and the iPad Air 2, as well as... 19.08.2022, Sputnik International
2022-08-19T00:31+0000
2022-08-19T00:31+0000
2022-08-19T00:30+0000
science & tech
us
business
apple
ios
iphone
iphone 6s
ipad
ipad pro
ipad mini
https://cdn1.img.sputnikglobe.com/img/07e6/08/12/1099745436_0:0:3072:1728_1920x0_80_0_0_4b006defeba9646a0de1ac7cad04759b.jpg
If you are the owner of an Apple product, beware that there have been serious shortcomings in ensuring the security of the company's product ecosystem. For iPhones, iPads, and Macs, Apple has addressed critical security flaws that may possibly let attackers seize total control of these devices. The WebKit browser engine, which runs Safari and other apps, and the kernel, which serves as the functional center of the operating system, were both discovered to be vulnerable, according to the company. Both iOS and iPadOS and macOS Monterey are affected by the two bugs. While the second vulnerability allowed a malicious application to "execute arbitrary code with kernel privileges," which entails full control of the device, Apple said the WebKit flaw could be exploited if a vulnerable device accessed or processed "maliciously crafted web content [that] may lead to arbitrary code execution." It is reportedly thought that the two vulnerabilities are connected.Some successful exploits combine two or more flaws in order to bypass a device's defenses, like infamous nation-state spyware such as Pegasus. Attackers frequently leverage a flaw in the device's browser as an initial point of entry into the operating system, giving them full access to the user's private information.
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rossiya Segodnya“
2022
News
en_EN
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rossiya Segodnya“
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rossiya Segodnya“
science & tech, us, business, apple, ios, iphone, iphone 6s, ipad, ipad pro, ipad mini
science & tech, us, business, apple, ios, iphone, iphone 6s, ipad, ipad pro, ipad mini
Apple Reveals Security Flaw That Potentially Gives Hackers Complete Control of iPhones, iPads & Macs
Kirill Kurevlev
Managing Editor
Users of the iPhone 6S and newer models, the iPad models starting with the 5th generation and later, the iPad Pro product lines, and the iPad Air 2, as well as Mac computers running MacOS Monterey, have been advised by security experts to upgrade the affected devices. Several iPod models are also impacted.
If you are the owner of an Apple product, beware that there have been serious shortcomings in ensuring the security of the company's product ecosystem. For iPhones, iPads, and Macs, Apple has addressed critical security flaws that may possibly let attackers seize total control of these devices.
According to the company's news release, the California-based giant is "aware of a report that this issue may have been actively exploited." Apple posted two security bulletins regarding the problem.
The WebKit browser engine, which runs Safari and other apps, and the kernel, which serves as the functional center of the operating system, were both discovered to be vulnerable, according to the company. Both iOS and iPadOS and macOS Monterey are affected by the two bugs.
While the second vulnerability allowed a malicious application to "execute arbitrary code with kernel privileges," which entails full control of the device, Apple said the WebKit flaw could be exploited if a vulnerable device accessed or processed "maliciously crafted web content [that] may lead to arbitrary code execution."
It is reportedly thought that the two vulnerabilities are connected.
Some successful exploits combine two or more flaws in order to bypass a device's defenses, like infamous nation-state spyware
such as Pegasus. Attackers frequently leverage a flaw in the device's browser as an initial point of entry into the operating system, giving them full access to the user's private information.
