Share this article on:
Apple is rolling out a suite of security updates for older iPads, iPhones, and Mac devices, as vulnerabilities are likely being exploited in the wild.
Consumer tech and software giant Apple has released urgent security updates to patch vulnerabilities in a host of older Apple devices.
The patches address issues in Apple’s Real-Time Kernel, or RTKit, and the company’s Foundation framework.
CVE-2024-23296 is an RTKit memory corruption issue that could give an attacker arbitrary read/write capability by bypassing kernel memory protection.
“Apple is aware of a report that this issue may have been exploited,” the advisory said.
The Center for Internet Security goes into a little bit more detail.
“Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” a CIS advisory said.
“Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.”
CVE-2024-27789, on the other hand, does not yet appear to be actively exploited and is a logic issue that could allow a malicious app to access “user-sensitive data”.
The patches are available for iOS 16.7.8 and iPadOS 16.7.8 and on the following devices: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.