If you are the owner of an Apple product, beware that there have been serious shortcomings in ensuring the security of the company's product ecosystem. For iPhones, iPads, and Macs, Apple has addressed critical security flaws that may possibly let attackers seize total control of these devices.
According to the company's news release, the California-based giant is "aware of a report that this issue may have been actively exploited." Apple posted two security bulletins regarding the problem.
The WebKit browser engine, which runs Safari and other apps, and the kernel, which serves as the functional center of the operating system, were both discovered to be vulnerable, according to the company. Both iOS and iPadOS and macOS Monterey are affected by the two bugs.
While the second vulnerability allowed a malicious application to "execute arbitrary code with kernel privileges," which entails full control of the device, Apple said the WebKit flaw could be exploited if a vulnerable device accessed or processed "maliciously crafted web content [that] may lead to arbitrary code execution."
It is reportedly thought that the two vulnerabilities are connected.
Some successful exploits combine two or more flaws in order to bypass a device's defenses, like infamous nation-state spyware such as Pegasus. Attackers frequently leverage a flaw in the device's browser as an initial point of entry into the operating system, giving them full access to the user's private information.