Skip to main content
  1. Home
  2. Computing
  3. News

Update your Apple devices now to fix these dangerous exploits

Alex Blake
By

If you’re an Apple user — whether you have a Mac, an iPhone, an iPad, or an Apple Watch — you need to update your devices as soon as possible. That’s because Apple has discovered three actively exploited vulnerabilities that could cause your devices serious harm, and the patches are already out to fix them.

One of the bugs was found in Apple’s Security framework and would allow a malicious app to completely bypass a device’s signature validation. Another bug concerns the WebKit browser engine and could grant a threat actor the ability to run arbitrary code when a victim views a certain web page.

A person using a laptop with a set of code seen on the display.
Sora Shimazaki / Pexels

The third exploit was a flaw in a target device’s kernel that would let an attacker elevate their own privileges in the system, although it would require the person to have physical access to the device.

Recommended Videos

Commenting on the discoveries, Apple said: “Apple is aware of a report that this issue may have been actively exploited” on its devices in the wild.

Related

Affected devices run the gamut of Apple products, and include the iPhone 8 or later, the iPad mini 5th generation or later, the Apple Watch Series 4 or later, and any Mac running macOS Monterey or later. If you have any of these devices, it’s important that you check for updates as soon as possible.

Apple devices are not invulnerable

A locked iPhone, showing the lock icon at the top of the screen.
Digital Trends

Bypassing security measures, running malicious code, and gaining higher system privileges than expected could all be very dangerous for a victim’s system and highlight the ever-present threat from hackers and cybercriminals.

The number of bugs that have been discovered — and the broad range of devices they affect — makes this a particularly serious incident. It also aptly demonstrates that Apple products are not invulnerable and can be affected by malware.

All three exploits were discovered by Maddie Stone of Google’s Threat Analysis Group and Bill Marczak of the Citizen Lab at The University of Toronto’s Munk School. Just over a week ago, Citizen Lab announced the discovery of another major exploit that affected almost any app and web browser that could display WebP images, making it a major threat to millions of users around the world.

Fortunately, Apple moved quickly to fix all three of the bugs discussed earlier in this article. The patches were rolled out in macOS 12.7 and 13.6, iOS 16.7 and iOS 17.0.1, iPadOS 16.7 and 17.0.1, and watchOS 9.6.3 and 10.0.1. Make sure you update your devices as soon as possible to ensure they are safe.

Editors' Recommendations

Topics
Alex Blake
Alex Blake
Computing Writer
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
Apple may soon eliminate the notch from your Mac and iPhone
An Apple MacBook laptop with the macOS Ventura background wallpaper and the notch seen at the top of the display.

So many Apple devices have the divisive notch cutout these days that the feature has almost become its own brand, yet it continues to stir disapproving glances and attempts to hide it wherever it's seen. Apple could now be on the brink of eliminating it for good.

That’s because the company recently filed a patent in Europe outlining how future Apple devices, from Macs to iPhones, could do away with the notch once and for all, giving you a borderless experience that’s unbroken around the screen. It’s a grand idea, and Apple thinks it knows how to make it work.

Read more
Apple will now let you repair more Macs and iPhones yourself
A person repairing a MacBook using Apple's self-service repair kit.

Apple has been running a self-service repair program that lets you fix up your devices yourself since April 2022, but it’s always been a little bit hobbled. Now, though, Apple has expanded the program to include some of the latest devices available in what could be a boost to the right-to-repair movement.

Starting today, the program will include the M2 13-inch MacBook Air and the M2 13-inch MacBook Pro, as well as the entire iPhone 14 lineup. That means if you want to repair one of these products, Apple will provide you with official parts, tools and instructions to help you do it. Previously, you couldn’t do this yourself with Apple-approved parts, despite the devices being available for many months.

Read more
This critical exploit could let hackers bypass your Mac’s defenses
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

Read more