Apple has credited an anonymous researcher(s) with identifying a pair of vulnerabilities which allow hackers to take complete control their devices, and some reports say many hackers are already using these vulnerabilities to attack users. One vulnerability affects the deepest layer of the operating system, known as the kernel, which all Apple devices have in common. The other vulnerability affects the technology behind the Safari web browser, WebKit.
Apple's explanation of this vulnerability means a hackers could gain full access to a user's device and execute code as if they are the user. Until Wednesday, the vulnerabilities were classified as "zero-day" bugs, because patches have only been available for zero days. Hackers are particularly abusing these bugs to target users who are in the public eye.
In order to fix the two separate zero-day vulnerabilities, Apple has released a set of patches with security updates for both iOS and macOS devices. The release of iOS 15.4.1 and macOS Monterey 12.3.1 on Thursday also fixed bugs in its operating system. These other bugs that were patched fixed an issue which drained the battery of iPhones and iPads quicker than expected, and fixed Bluetooth connectivity with Mac.