• World CyberCon India
Firewall Daily Vulnerabilties

New Security Flaw in Apple Enables Full Access to Hackers

Apple devices vulnerable to cyber attacks after the company discovered security flaws. Users have been asked to update their devices with the latest security update.

New Security Flaw in Apple Enables Full Access to Hackers
  • PublishedAugust 19, 2022

Apple released two security reports about newly discovered flaws in its devices that could give complete access to cyber criminals. iPhones, iPads, and several Mac devices have been detected with vulnerabilities. However, not all iPod models are said to be affected by this vulnerability. The flaw could lead to data theft and financial loss, among other risks.

Emergency update by Apple

To secure devices, Apple has released ‘emergency updates’ for vulnerable devices. The company has asked users to update their devices to avert any possible security threats. A list of threats and vulnerable devices was made to inform users about the flaw in Apple. Several iPhone models like iPhone 6s, iPad Pro, iPad Air 2, and Mac models were mentioned on the list.

The flaw in Apple devices

To assist users in understanding the defect in their device, Apple released a report with details of the update, the impact and the description, along with the Common Vulnerabilities and Exposure (CVE). Below are the details of the flaw as mentioned in the report:

Kernel

  • Available for: macOS Monterey
  • Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
  • Description: An out-of-bounds write issue was addressed with improved bounds checking.
  • CVE-2022-32894: an anonymous researcher

WebKit

  • Available for: macOS Monterey
  • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
  • Description: An out-of-bounds write issue was addressed with improved bounds checking.
  • WebKit Bugzilla: 243557
    CVE-2022-32893: an anonymous researcher

Apple users urged to follow the latest guidelines and updates

The company has maintained that they are aware of the flaw adding that the possibility of devices being actively exploited cannot be ruled out. Vulnerabilities in macOS Monterey, iOS and iPadOS, and Safari have led to concern among users, especially those handling critical information about the security of their data and identity.

The Cybersecurity and Infrastructure Security Agency (CISA) have asked users to be updated about the changes and to keep their devices safe by reviewing and following the guidelines mentioned in Apple’s security updates.

Written By
Editorial

The Cyber Express is a publication that aims to provide the latest news and analysis about the information security industry. The news comes from a variety of sources and is updated regularly so that readers can stay up to date with the latest happenings in this rapidly growing field.

3 Comments

  • […] Konduru shared more insights about the DDoS Attack and said the geo-distribution and the types of devices used in the attack resemble the patterns used in the “Meris family of assaults.” In […]

  • […] data, or modify a device’s settings. Since these battery modules function wirelessly — hackers can deliver remote commands using application […]

  • […] every interaction and eliminating implicit trust to help create better infrastructure and protect national and economic […]

Comments are closed.