The US tech giant Apple has acknowledged the existence of major security loopholes in some iPhones, iPads, and Macs which could allow nation state hackers to hijack users’ devices, two security reports – one on macOS and one on iOS and iPadOS – on the company issued Wednesday show.
Explaining Apple’s technical documents, cybersecurity expert Rachel Tobac, CEO of SocialProof Security, pointed out that the bug enabled hackers to obtain full admin access to devices, allowing them to execute any code as if they were the user.
Security experts have advised users to update affected devices – some iPod models, including the fifth generation and later, the Mac computers running MacOS Monterey- an operating system released last year- the iPhones 6S and later models, all iPad Pro models and the iPad Air 2.
Admitting that it was aware of a report that these security flaws may have been actively exploited, Apple noted that the described vulnerabilities were patched by its latest software updates.
The reported flaws were discovered by an anonymous researcher the tech giant credited but shared few details about the vulnerabilities it only shortly described as an out-of-bounds write issue that enabled a malicious application to execute arbitrary code with kernel privileges both in iOS and MacOS.
The reports Apple issued do not reveal the number of customers affected by the flaws.
The company pointed out that it would similar secrecy would be maintained with any future security issues and that it will not disclose, discuss, or confirm such issues until an investigation on it is completed and patches or releases for the issue are available.
Apple’s phones have recently been the target of hacks by NSO Group, the private Israeli intelligence firm accused of breaching the devices of dozens of officials, journalists, lawyers, and activists around the world
Be the first to comment