Apple just released patches to fix two flaws in iOS and macOS that hackers have been exploiting to attack users.
The company released patches for both operating systems with iOS/iPadOS version 15.6.1 and macOS Monterey 12.5.1. The release notes warn that Apple is aware that someone may be exploiting both vulnerabilities for malicious purposes.
The first flaw, dubbed CVE-2022-32893, affects WebKit, the browser engine used in Safari and all other iOS browsers, including Google’s Chrome. In the wrong hands, the vulnerability can be used to craft malicious web content capable of triggering remote code execution on the software. This means a hacker could exploit the flaw to cause an iPhone or Mac to visit a malicious website or download a bad app.
The second flaw, dubbed CVE-2022-32894, involves the kernel, the core part of the iOS and macOS operating systems. By exploiting this vulnerability, a hacker can execute computer code on the device with “kernel privileges,” allowing them to run programs or commands an attacker normally wouldn’t be able to execute.
According to Apple, the two flaws affect Mac devices on macOS Monterey, iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
Apple didn’t provide any other details. But we wouldn’t be surprised if the hackers were chaining the two flaws together to target users, perhaps through a phishing attack involving direct messages to victims. An anonymous researcher uncovered both vulnerabilities.
There’s also a good chance elite hackers, including government-paid cyberespionage companies such as Israel’s NSO Group, have been exploiting the flaws. Oftentimes, it’s well-funded outfits that have the capabilities to find and create zero-day attacks, which involve previously unknown flaws in a company’s software.
To update your iPhone, go to Settings > General > Software Update. The device can also update automatically if you’ve toggled on automatic updates.