Share this article on:
Apple has released a raft of updates for its mobile and desktop operating systems to address a number of bugs that could lead to malicious exploitation of its devices.
Some of the vulnerabilities, Apple warned, may already have been exploited.
The US Cybersecurity and Infrastructure Security Agency (CISA) has also called on users and admins to address the issues quickly.
“Apple has released security updates to address vulnerabilities in multiple products,” CISA said in an overnight alert. “An attacker could exploit some of these vulnerabilities to take control of an affected device.”
The security updates cover the following operating systems:
The bugs range from a Safari browser webkit issue that could lead to arbitrary code execution, to kernel issues in iOS 16.6 and iPadOS 16.6 that could again lead to code execution. One issue, in particular, may already have been taken advantage of.
“An app may be able to modify sensitive kernel state,” Apple said in an advisory. “Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.”
Apple said a similar bug in iOS 15.7.8 and iPadOS 15.7.8 may also have been exploited, along with vulnerabilities in tvOS 16.6 and kernel and webkit issues in watchOS 9.6.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.