Apple has disclosed serious security vulnerabilities which could potentially allow attackers to take complete control of devices and said the tech company was “aware of a report that this issue may have been actively exploited”.
Security experts have advised users to urgently update affected devices – the iPhone 6S and later models, newer iPads, and Mac computers running macOS Monterey.
In a security update on its support page, Apple said one of the flaws means a malicious application “may be able to execute arbitrary code with kernel privileges”.
To install the required urgent update, Apple users can go to their device’s Settings App, then General, then Software Updates.
According to Apple the vulnerability could have been exploited by “processing web content”, meaning accessing a web page which contained malicious code.
Any attackers that knew about the vulnerability – and how to exploit it – could, by directing a victim to such a web page, be able to execute any code they wanted on the victim’s device.
Usually devices restrict the kinds of code that can be run on them to users with particular levels of privileges – but this vulnerability allowed the code to be executed with kernel privilege.
If you need advice on any IT security issues, please do get in touch with UK Business IT. You can do this by going to “contact us” on this website.