Apple revealed critical security flaws for iPhones, iPads, and Macs that may possibly let attackers acquire total control of these devices.
On Wednesday, Apple posted two security bulletins regarding the problem, but they didn’t draw much notice outside of tech journals. According to Apple’s explanation of the flaw, a hacker may gain “full admin access” to the system. According to Rachel Tobac, CEO of Social Proof Security, this would enable hackers to pose as the device’s owner and subsequently run any software in their name.
Users of the iPhone 6S and later versions, various iPad models, including the 5th generation and later, all iPad Pro models, and the iPad Air 2, as well as Mac computers running MacOS Monterey, have been advised by security experts to upgrade the affected devices. Some iPod models are also impacted by the bug.
In the reports, Apple avoided to mention how, where, or by whom the vulnerabilities were found. It consistently referenced an unnamed researcher. Commercial spyware organizations like Israel’s NSO Group are renowned for spotting and exploiting these weaknesses in malware that covertly infects targets’ smartphones, syphons their information, and continuously monitors the targets.
According to a security expert, there hasn’t been any technical analysis of the flaws that Apple has just corrected. Strafach alleges that the company previously reported similar serious issues and made clear that it was aware of accusations that these security flaws had been used approximately a dozen times.