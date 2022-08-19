Apple has just released emergency updates for iPhone, iPad and Mac that fix two ‘zero-day’ vulnerabilities. According to TechCrunch, these are being actively exploited by cyberattackers, which translates into a risk scenario for a large part of the users of the aforementioned devices.

A vulnerability is called ‘zero-day’ when it has been discovered by cyber attackers before the researchers or developers of the application. This means that as long as a security patch is not published that solves it, it can be exploited to execute surprise attacks against users.

When this type of failure is detected, the development teamsor have “zero days” of lead time to create the patch and release it. That is the moment when a race literally begins for software developers, in this case Apple, to create and release a security patch in the shortest possible time to reduce security risks on affected systems.

What do we know about these vulnerabilities

Both vulnerabilities are present in all three operating systems. One has been identified as CVE-2022-32894, and allows the arbitrary code execution with elevated privileges at the kernel level. In other words, full access to the device. Another, cataloged as CVE-2022-32893, is linked to a WebKit web application platform bug.

WebKit is used by Safari and other applications to access the web. In this sense, it would allow attackers to execute arbitrary code when visiting web pages that are infected or created specifically for targeted attacks. It should be noted that the combination of CVE-2022-32894 and CVE-2022-32893 could be used by attackers to exploit more layers of device security and carry out broader attacks.

If you have a device with the following characteristics, it is recommended that you install the update as soon as possible.

How to update the device

In the case of devices with iOS, that is, iPhone or iPad, you will have to enter Settings > General > Software update. The system will connect to Apple servers and show you the available update. In this specific case it will be iOS 15.6.1. Click on Download and install and wait for the process to complete.





If you have a Mac, click the apple icon in the top left corner of your screen, then click System preferences and in Software update. The system will connect with Apple and show you the update. In this case, macOS Monterey 12.5.1. click on Download and install.





Finally, remember to have your devices with enough battery or connected to the current. Also, keep in mind that this type of update will download between 410 MB and 1.2 GB to your device and requires a reboot to complete the process.

Neither the first nor the last

It should be remembered that although the ‘zero day’ vulnerabilities present a significant risk for users and it is recommended to update as soon as possible, it is not the first or the last one corrected by Apple in recent times. In 2022, the Cupertino company will already has released seven updates to resolve security issues affecting Mac, iPhone, and iPad.

Featured Image | unsplash