Just days after patching two nasty security bugs in iPhones and Macs, Apple is now rolling out separate updates to patch older hardware against the flaws. Users are strongly encouraged to install the updates sooner rather than later.
CVE-2023-28206 and CVE-2023-28205 were reported by Clément Lecigne of Google's Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab.
The researchers found that the bugs make for an exploit chain that opens the iOS kernel to attacks. If exploited properly, the bugs allow a motivated criminal to run malware on the target device.
Historically, hackers have used these deep-privilege-access bugs to run spyware on Apple hardware. In the advisory, the tech giant itself notes that targeted attacks may have unfolded.
iOS 15.7.5 and iPadOS 15.7.5 effectively patch older device models against these flaws, including the iPhone 6s, iPhone 7, iPhone SE, iPad Air 2, iPad mini (4th generation) and iPod touch (7th generation).
The first of the two bugs squashed in this round of updates also affects desktop users running macOS Big Sur and macOS Monterey. Those running these older versions of the Mac operating system are instructed to update to macOS Big Sur 11.7.6 and macOS Monterey 12.6.5.
Apple appears to have sped up backporting patches for older products recently, from weeks to mere days. The behemoth has also taken systematic steps to double down against spyware in recent years.
Bitdefender Mobile Security for iOS offers powerful protection against all types of cyber threats with minimal impact on device performance and battery life.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsDecember 19, 2024
November 14, 2024