Hackers Could Have Exploited Two Critical Security Flaws in Apple Products

On Wednesday last week, US technology giant Apple announced that some serious security vulnerabilities affecting iPhones, Macs, and iPads had been uncovered. All users of the mentioned devices are urged to install the latest version of the company’s software as soon as possible to prevent potential security breaches.

The potential damage of the detected flaws seems huge as cyber security experts comment that they would allow attackers to take full control over the devices. Moreover, Apple admits it is aware of a report that states the vulnerabilities could have already been actively exploited.

The two discovered flaws are found once in WebKit, the browser engine that powers Safari and other Apple apps, and also in the kernel, basically the operating system's core. Affected devices include iPhone 6S and later models; iPads from the fifth generation and other models; Mac computers running macOS Monterey, all iPad Pro models, and iPad Air 2.

Certain iPod devices could be vulnerable as well. According to Apple officials, the WebKit bug could be exploited if the user accessed or processed malicious content on the web that can lead to arbitrary code execution. The other bug, which is in the kernel, allows a malicious application to run arbitrary code with kernel privileges, meaning it can allow complete admin control over the targeted device.

Researchers believe that the two flaws are related to each other. Several cyber security companies have commented on the issues, stating what damage, in particular, the two bugs would allow attackers if exploited. Namely, hackers could see the user’s location, read their messages, view contacts, access the microphone, camera, photos, and many other activities that seriously threaten users’ privacy and personal details.

Most likely, any exploits of the announced vulnerabilities would aim at nation-state spying activities and target people of public interest, like politicians, activists, and influential journalists. Therefore, such persons should be particularly attentive and make sure they install the necessary software updates.

It is a very rare event that Apple goes public with a security warning like this, so it is reasonable to assume the threat is real. Users of Apple products should take that seriously and update their devices immediately. The announcement comes after Apple declared its intention to break its dependency on Chinese factories and in times of rising political tensions between Beijing and the USA following Nancy Pelosi’s visit to Taiwan earlier this month.

According to a recent report, Apple’s key suppliers for Apple Watch and MacBook have apparently started test production in northern Vietnam.