In the past few days, Apple released back-to-back updates with critical security fixes for iOS (15.6.1) and MacOS Monterey (12.5.1). This comes after it was discovered that vulnerabilities in both operating systems could allow hackers to take complete control of user’s devices. Apple have stated that they are “aware of a report that this issue may have been actively exploited”.
Users with any of the following devices are being advised to update to iOS 15.6.1 immediately:
- iPhone 6s and later
- iPad Pro (all models)
- iPad Air 2 and later
- iPad 5th generation and later
- iPad mini 4 and later
- iPod touch 7th generation
Any device which is currently running MacOS Monterey should update to the 12.5.1 version for full protection.
PCMag offered the following explanations for the flaws:
“The first flaw, dubbed CVE-2022-32893, affects WebKit, the browser engine used in Safari and all other iOS browsers, including Google’s Chrome. In the wrong hands, the vulnerability can be used to craft malicious web content capable of triggering remote code execution on the software. This means a hacker could exploit the flaw to cause an iPhone or Mac to visit a malicious website or download a bad app.”
“The second flaw, dubbed CVE-2022-32894, involves the kernel or the core part of the iOS and macOS operating system. By exploiting this vulnerability, a hacker can execute computer code over the device with “kernel privileges,” allowing them to run programs or commands an attacker normally wouldn't be able to execute.”
Although updates can be tempting to ignore, ensuring your devices operating systems are up to date is critical in preventing cyberattacks. Sometimes they simply provide enhancements and improvements for your device, but often they contain fixes for dangerous bugs or vulnerabilities which cybercriminals can and will take advantage of.
Looking to secure your devices even further?
Fortify your defences
No one vendor can stop all threats, so don’t leave your business exposed. If you are using Microsoft 365 or G Suite, you should also have third-party solutions in place to mitigate your risk. For example, using a specialist cloud email security solution like MailGuard to enhance your Microsoft 365 security stack.
For more information about how MailGuard can help defend your inboxes, reach out to our team at expert@mailguard.com.au.
