Apple today revealed serious vulnerabilities that could affect its devices such as the iPhone, the iPad, the iPod, and the Mac. Apple said that a pair of security flaws that were discovered could lead a hacker to grab “full admin access” to affected devices. Rachel Tobac, CEO of SocialProof Security, said that if exploited, the vulnerabilities would allow attackers to impersonate device owners and run any software that is in their names.
Security experts say that those with the iPhone 6s and newer should immediately update to iOS 15.6.1 and iPadOS 15.6.1. Models of the iPad that are affected include the fifth-gen iPad and later, all iPad Pro models, and the iPad Air 2. The seventh-generation iPod touch is also at risk of an attack as are Macs running macOS Monterey.
Update your iPhone and iPad to iOS 15.6.1 to patch a major vulnerability
Apple has been keeping mum on who alerted it to the vulnerabilities and instead has given credit to an anonymous researcher. The vulnerabilities were discovered in WebKit, the browser engine that Apple
uses for Safari, and the kernels of iOS, iPadOS and macOS. A kernel is the core of an operating system and has control over the entire system. It also helps interactions between hardware and software.
In a support page release
, Apple said that exploiting the WebKit flaw would require a vulnerable device to process “maliciously crafted web content [that] may lead to arbitrary code execution.” The second bug allows a malicious app “to execute arbitrary code with kernel privileges,” giving attackers the ability to access all parts of a device.
Note that Apple points out in the update it sent out for iOS and iPadOS that it provides important security updates and is recommended for all users. Considering the vulnerabilities that it is trying to patch here, we concur with Apple. Update your compatible devices now!
To install iOS 15.6.1 or iPadOS 15.6.1 on your iPhone, iPad, or iPod touch (seventh generation) go to Settings > General > Software Update.