Apple has pushed out a vital new update for iPhone, iPad and macOS devices that fixes a vulnerability hackers had been taking advantage of. The flaw gave bad actors the ability to run code on compromised devices and could lead to OS crashes. The zero-day vulnerability affected Webkit, which is the rendering engine Apple uses for all browsers – not just Safari – on iOS and iPadOS.
You may have heard the phrase ‘zero-day vulnerability’ but not know exactly what it is. Basically, as soon as you hear this term you should have alarm bells ringing in your head, as it’s a flaw that has been disclosed but hasn’t been patched yet by a vendor.
Thankfully, Apple has released an update that will help keep iPhone, iPad and macOS users safe from this latest threat.
Describing the vulnerability, which has been labelled CVE-2022-22620, the iPhone makers said: “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.”
Fixes for the vulnerability are available in iOS 15.3.1, iPadOS 15.3.1 and macOS Monterey 12.2.1, with these patches released on February 10.
If you’re wondering whether your Apple device is at risk, here are all the models affected….
iPhone 6s and later
iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Macs running macOS Monterey
To make sure you stay safe from the threat, be sure to head to the Settings app and then go to General > Software Update to install the vital patch.
The news revealed this week marks the third time this year that Apple has disclosed a zero-day vulnerability.
In January Apple also patched two other zero-day flaws – one that could lead to arbitrary code execution with kernel privileges, while the other allowed bad actors to track browsing activity and users’ identities.
These now patched vulnerabilities affected iPhone models from the 6s onwards, multiple iPads and Macs running macOS Monterey.
The fixes were included in iOS 15.3, iPadOS 15.3 and macOS 12.2. If you missed this security alert in January and are running a software version below this then you really need to update your Apple device as soon as possible.