A recent security flaw has impacted the WebKit engine in the Apple web browser, which could allow hackers to access a device’s private data. Apple has not revealed how many users were affected by the vulnerability, but the company has released a patch to mitigate the issue. Users should update their iPhones, iPads, Mac computers, and other Apple gear to protect themselves.
The vulnerability can be exploited through a web page and can allow attackers to execute any code. This means that the attacker could control the device and download malware on it. This is a serious security flaw and Apple is aware of reports of attackers actively exploiting it. The latest update to iOS will prevent any further exploits of the vulnerability.
After the Hacking Team leaked internal data to the public, security researchers are busy identifying the exploits the team used. This team hacked the iPhones and iPads of elite clientele, including law enforcement agencies, the FBI, and government departments. They exploited a critical vulnerability in the iOS operating system to obtain personal information and install malicious apps.
Apple has issued an advisory addressing the CVE-2022-22587 vulnerability. The issue affects the IOMobileFrameBuffer kernel extension on iOS. While Apple does not share the details of active exploitation and other indications of compromise, this bug can allow malicious applications to execute arbitrary code with kernel privileges.
Apple has released an update that fixes the problem for iPhones that are running iOS 8.1.3 and later. However, there is still a possibility that attackers can use this vulnerability to spy on iPhone users. The patch does not prevent attackers from modifying bundle identifiers and tricking users into downloading apps that are not available in the App Store.
The iPhone security flaw is so severe that Apple is now facing a class action lawsuit from Regge Lopez and Tigran Ohanian. The lawsuit claims that Apple concealed the vulnerability from consumers and thereby harmed users. The flaw could allow a hacker to view private communications on your iPhone, including FaceTime calls.
Apple has released a new security update for iPhones and iPads that addresses the two critical flaws. The updates are available on the Apple App Store. Both updates are free, and Apple has warned users to update their devices. The latest security update addresses the two vulnerabilities in WebKit and the kernel.