A serious security vulnerability has been found on most Apple devices that could allow hackers to take full control of their devices. Apple has released a patch for this, and have advised you update your device immediately.
What is the security vulnerability?
There were in fact two vulnerabilities found, with one of them being particularly serious (but both flaws related to one another). Both vulnerabilities reside in WebKit, the browser engine that supports many apps and also the kernel, which is basically the root of the operating system.
The patches for these flaws were released on Wednesday, but did not gain the widespread press attention it merited.
How does the flaw work?
Apple has said on its own support page that one of the flaws means an application “may be able to execute arbitrary code with kernel privileges” – meaning a hacker could gain full access to your device.
The tech giant has not provided much detail other than confirming the vulnerability may have already been exploited, and that it was discovered by an anonymous researcher.
The flaw affects iPhones (as far back as the 6S), iPads, Macs and even iPod Touch’s. This covers nearly every possible Apple device you are likely to own – so the potential reach of this vulnerability is massive.
What action should you take?
If you have an Apple device as per above, you should check that your device is fully up to date so it installs the fix for the flaw. The exact steps vary, but users should navigate to settings > general > update > you should have an option to update your devices’ operating system. For reference though, see below:
https://support.apple.com/en-gb/HT201541
https://support.apple.com/en-gb/HT204204
Conclusion
Due to the severity of the vulnerability and sheer amount of Apple devices affected, you should immediately ensure your Apple device is fully up to date to prevent it being susceptible to the issue.
A big concern is that Apple should have done more to inform Apple device owners and media outlets to help prevent possible exploitation.
As usual, always make sure any device or software is fully up to date to help prevent possible security breaches.
If you would like further advice or information on this subject, don’t hesitate to contact us.