Apple has credited an anonymous researcher(s) with identifying
a pair of vulnerabilities which allow hackers to take complete control their
devices, and some reports say many hackers are already using these
vulnerabilities to attack users. One vulnerability affects the deepest layer of
the operating system, known as the kernel, which all Apple devices have in common.
The other vulnerability affects the technology behind the Safari web browser,
WebKit.
Apple's explanation of this vulnerability means a hackers
could gain full access to a user's device and execute code as if they are the
user. Until Wednesday, the vulnerabilities were classified as "zero-day" bugs, because
patches have only been available for zero days. Hackers are particularly abusing
these bugs to target users who are in the public eye.
In order to fix the two separate zero-day vulnerabilities,
Apple has released a set of patches with security updates for both iOS and
macOS devices. The release of iOS 15.4.1 and macOS Monterey 12.3.1 on Thursday also
fixed bugs in its operating system. These other bugs that were patched fixed an
issue which drained the battery of iPhones and iPads quicker than expected, and
fixed Bluetooth connectivity with Mac.
