Apple Reveals Serious Security Flaw, Urges Users to Update iPhones & iPads Now

The vulnerability affects iPhone6S and later models; several models of the iPad, all iPad Pro models and the iPad Air 2; and Mac computers running MacOS Monterey

FILE – People shop at an Apple Store in Beijing, Tuesday, Sept. 28, 2021.
AP Photo/Andy Wong, File

Apple disclosed serious security vulnerabilities for iPhones, iPads and Macs that could potentially allow attackers to take complete control of these devices.

Apple released two security reports about the issue on Wednesday, although they didn’t receive wide attention outside of tech publications.

WATCH ANYTIME FOR FREE

icon

Stream NBC10 Boston news for free, 24/7, wherever you are.

Apple’s explanation of the vulnerability means a hacker could get “full admin access" to the device. That would allow intruders to impersonate the device's owner and subsequently run any software in their name, said Rachel Tobac, CEO of SocialProof Security.

The company issued a fix for the vulnerabilities in iOS 15.6.1 and urged users to update affected devices:

  • iPhone6S and later models
  • several models of the iPad, including the 5th generation and later (full list here)
  • all iPad Pro models and the iPad Air 2
  • Mac computers running MacOS Monterey.
  • The flaw also affects some iPod models.
Apple has released iOS 15.6.1, along with a warning to update now
Apple
Apple has released iOS 15.6.1, along with a warning to update now

Apple did not say in the reports how, where or by whom the vulnerabilities were discovered. In all cases, it cited an anonymous researcher.

HOW DO I UPDATE MY DEVICE?

To update your Apple device to the latest operating system that includes the security patches on your phone go to “Settings,” click “General” and click “Software Update.” On the Mac, go to “System Preferences,” then “Software Update.”

WHY IS UPDATING YOUR APPLE DEVICE SO URGENT?

Updates are necessary to keep your device safe from hackers who might run malicious code on your device.

Commercial spyware companies such as Israel’s NSO Group are known for identifying and taking advantage of such flaws, exploiting them in malware that surreptitiously infects targets’ smartphones, siphons their contents and surveils the targets in real time.

NSO Group has been blacklisted by the U.S. Commerce Department. Its spyware is known to have been used in Europe, the Middle East, Africa and Latin America against journalists, dissidents and human rights activists.

Security researcher Will Strafach said he had seen no technical analysis of the vulnerabilities that Apple has just patched. The company has previously acknowledged similarly serious flaws and, in what Strafach estimated to be perhaps a dozen occasions, has noted that it was aware of reports that such security holes had being exploited.

Copyright The Associated Press
Contact Us