Apple users urged to update devices to fix 'critical' security flaw: SingCert
SINGAPORE — A government cybersecurity response team has urged Apple users to update their devices' software immediately to fix a critical vulnerability that could leave their iPhones and Mac computers open to attacks.
SINGAPORE — A government cybersecurity response team has urged Apple users to update their devices' software immediately to fix a critical vulnerability that could leave their iPhones and Mac computers open to attacks.
In an advisory on Tuesday (Sept 13), the Singapore Computer Emergency Response Team (SingCert) said that attackers who successfully exploit this vulnerability could "enable maliciously written programmes to execute arbitrary code with kernel privileges".
This refers to commands that have access to the core, or kernel, of a device’s operating system.
SingCert advised users to update the following web browsers and operating systems (OS) to their latest versions:
- Safari 16 web browser – For Macs on Big Sur and Monterey OS
- macOS Monterey 12.6 – For Macs using Monterey
- macOS Big Sur 11.7 – For Macs using Big Sur
- iOS 16 – For iPhone 8 and later
- iOS 15.7 and iPad OS 15.7 – For iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
SingCert also urged users to enable automatic software updates on their devices’ settings page.
Apple had on Monday released security fixes to the so-called "zero-day" vulnerability, which is a security flaw in a system or device that has been disclosed but not yet patched.
In security advisories, Apple said it was aware of reports that these flaws "may have been actively exploited".
The bug, tracked under the codename "CVE-2022-32917", was reported by an anonymous researcher, the tech company said.