Skip to main content
  1. Home
  2. Computing
  3. News

Update your Apple devices now to fix these dangerous exploits

By

If you’re an Apple user — whether you have a Mac, an iPhone, an iPad, or an Apple Watch — you need to update your devices as soon as possible. That’s because Apple has discovered three actively exploited vulnerabilities that could cause your devices serious harm, and the patches are already out to fix them.

One of the bugs was found in Apple’s Security framework and would allow a malicious app to completely bypass a device’s signature validation. Another bug concerns the WebKit browser engine and could grant a threat actor the ability to run arbitrary code when a victim views a certain web page.

A person using a laptop with a set of code seen on the display.
Sora Shimazaki / Pexels

The third exploit was a flaw in a target device’s kernel that would let an attacker elevate their own privileges in the system, although it would require the person to have physical access to the device.

Recommended Videos

Commenting on the discoveries, Apple said: “Apple is aware of a report that this issue may have been actively exploited” on its devices in the wild.

Related

Affected devices run the gamut of Apple products, and include the iPhone 8 or later, the iPad mini 5th generation or later, the Apple Watch Series 4 or later, and any Mac running macOS Monterey or later. If you have any of these devices, it’s important that you check for updates as soon as possible.

Apple devices are not invulnerable

A locked iPhone, showing the lock icon at the top of the screen.
Digital Trends

Bypassing security measures, running malicious code, and gaining higher system privileges than expected could all be very dangerous for a victim’s system and highlight the ever-present threat from hackers and cybercriminals.

The number of bugs that have been discovered — and the broad range of devices they affect — makes this a particularly serious incident. It also aptly demonstrates that Apple products are not invulnerable and can be affected by malware.

All three exploits were discovered by Maddie Stone of Google’s Threat Analysis Group and Bill Marczak of the Citizen Lab at The University of Toronto’s Munk School. Just over a week ago, Citizen Lab announced the discovery of another major exploit that affected almost any app and web browser that could display WebP images, making it a major threat to millions of users around the world.

Fortunately, Apple moved quickly to fix all three of the bugs discussed earlier in this article. The patches were rolled out in macOS 12.7 and 13.6, iOS 16.7 and iOS 17.0.1, iPadOS 16.7 and 17.0.1, and watchOS 9.6.3 and 10.0.1. Make sure you update your devices as soon as possible to ensure they are safe.

Editors’ Recommendations

Topics
Alex Blake
Alex Blake
Computing Writer
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
Apple’s M4 iMac brings next-gen power to your desktop
People using the Apple iMac with M4 chip.

Apple has brought its M4 chip to the iMac, making it the first Mac to get Apple’s latest silicon chip. The update also brings new colors and a significant performance improvement for the all-in-one desktop computer, and it comes a year after it received the previous-generation M3 chip. As with the previous M1 and M3 iMacs, the M4 model is compatible with Apple Intelligence.

It comes at the beginning of a week of product releases from Apple, with the company previously teasing that it had much more to reveal in the coming days. The updates could see the entire Mac lineup receive some variant of the M4 chip (including more powerful M4 Pro, M4 Max and M4 Ultra editions) over the coming months.

Read more
macOS Sequoia fixes a problem that’s bugged me for years
The iPhone Mirroring feature from macOS Sequoia being demonstrated at the Worldwide Developers Conference (WWDC) 2024.

Sometimes, people think it’s the big, headline features -- like Apple Intelligence -- that make an operating system great. But there’s one new feature in macOS Sequoia that shows the opposite is true -- that a collection of less glamorous, yet meaningful changes can have a much bigger impact.

I’m talking about Apple’s new iPhone Mirroring feature. Or rather, one particular element of iPhone Mirroring: its new drag-and-drop ability. Even in the few short days it’s been available, it’s managed to improve my daily workflow and fix an issue that’s been bugging me for years.

Read more
Apple just proved it learned from the Touch Bar’s failure
The Ultramarine iPhone 16.

Apple revealed a lot of new products and features at the ‘It’s Glowtime’ event earlier this week, but the best moment of all? For me, it was when Apple showed off the Camera Control, a new touch-sensitive button on the iPhone 16 range that lets you snap photos, change the camera’s focus point, switch between controls for depth of field and zoom, and more. You can press it to take a picture, or lightly press and swipe to scroll through various camera controls. For something so small, it packs in an awful lot.

It perfectly encapsulates that elusive Apple magic inside a button that can do so much in some very clever and intuitive ways. It’s the sort of thing that, like so many Apple features, will spawn a legion of imitators, but none will come close to the original.

Read more