For iPhones, iPads, and Macs, Apple exposed critical security flaws that may possibly let attackers seize total control of these devices. On Wednesday, Apple published two security assessments regarding the problem, but nobody outside of tech media paid them much attention.
According to Apple‘s explanation of the flaw, a hacker may gain “full admin access” to the system. According to Rachel Tobac, CEO of SocialProof Security, this would enable hackers to pose as the device’s owner and subsequently run any software in their name.
Users of the iPhone 6S and later versions, various iPad models, including the 5th generation and later, all iPad Pro models, and the iPad Air 2, as well as Mac computers running macOS Monterey, have been advised by security experts to upgrade the affected devices. Some iPod models are also impacted by the bug.
In the reports, Apple omitted to mention how, where, or by whom the vulnerabilities were found. It consistently referenced an unnamed researcher.
Commercial spyware organizations like Israel’s NSO Group are renowned for spotting and exploiting these weaknesses in malware that covertly infects targets’ smartphones, siphons their information, and continuously monitors the targets.
The U.S. Commerce Department has placed NSO Group on a “blacklist.” Its spyware has reportedly been used against journalists, dissidents, and human rights campaigners in Europe, the Middle East, Africa, and Latin America.
Will Strafach, a security expert, claimed that he has not seen any technical examination of the vulnerabilities that Apple has just patched. According to Strafach, the corporation had previously disclosed comparable critical problems and highlighted that it was aware of claims that these security weaknesses had been exploited about a dozen different times.