However Sam Curry, Chief Security Officer at Cybereason, urged users not to panic.Īpple's iPhone 13s are pictured on display in September 2021 'If Apple think it's so serious that they need to go public then if you haven't already installed iOS 15.6.1 you need to go and do it right now.' 'The big risk in publicising a major vulnerability is that now every cyber criminal on the planet knows it exists and Apple users are in a race to update their devices before they can be infected,' he said. 'If exploited, attackers would be able to see your location, read messages, view contacts lists and potentially even access the microphone and camera – all the things you don't want to have out there,' he said.īrian Higgins, security specialist at Comparitech, added that it was very rare for Apple to go public with a security announcement like this, meaning everyone should take the threat seriously and update as soon as they are able. However, Jake Moore, Global Cybersecurity Advisor at ESET Internet Security, told MailOnline that they could potentially allow hackers to take complete control of devices. Those who should be particularly attentive to updating their software are 'people who are in the public eye' such as activists or journalists who might be the targets of sophisticated nation-state spying, Tobac said.Īpple has not commented on the flaws, besides warning people they had been detected. The two flaws are believed to be related.Īpple's explanation of the vulnerability means a hacker could get 'full admin access to the device' so that they can 'execute any code as if they are you, the user,' said Rachel Tobac, CEO of SocialProof Security. The second bug allows a malicious application 'to execute arbitrary code with kernel privileges,' which means full access to the device. Apple said the WebKit bug could be exploited if a vulnerable device accessed or processed 'maliciously crafted web content may lead to arbitrary code execution'.
0 Comments
Leave a Reply. |