If you’re an Apple user — whether you have a Mac, an iPhone, an iPad, or an Apple Watch — you need to update your devices as soon as possible. That’s because Apple has discovered three actively exploited vulnerabilities that could cause your devices serious harm, and the patches are already out to fix them.
One of the bugs was found in Apple’s Security framework and would allow a malicious app to completely bypass a device’s signature validation. Another bug concerns the WebKit browser engine and could grant a threat actor the ability to run arbitrary code when a victim views a certain web page.
The third exploit was a flaw in a target device’s kernel that would let an attacker elevate their own privileges in the system, although it would require the person to have physical access to the device.
Commenting on the discoveries, Apple said: “Apple is aware of a report that this issue may have been actively exploited” on its devices in the wild.
Affected devices run the gamut of Apple products, and include the iPhone 8 or later, the iPad mini 5th generation or later, the Apple Watch Series 4 or later, and any Mac running macOS Monterey or later. If you have any of these devices, it’s important that you check for updates as soon as possible.
Bypassing security measures, running malicious code, and gaining higher system privileges than expected could all be very dangerous for a victim’s system and highlight the ever-present threat from hackers and cybercriminals.
The number of bugs that have been discovered — and the broad range of devices they affect — makes this a particularly serious incident. It also aptly demonstrates that Apple products are not invulnerable and can be affected by malware.
All three exploits were discovered by Maddie Stone of Google’s Threat Analysis Group and Bill Marczak of the Citizen Lab at The University of Toronto’s Munk School. Just over a week ago, Citizen Lab announced the discovery of another major exploit that affected almost any app and web browser that could display WebP images, making it a major threat to millions of users around the world.
Fortunately, Apple moved quickly to fix all three of the bugs discussed earlier in this article. The patches were rolled out in macOS 12.7 and 13.6, iOS 16.7 and iOS 17.0.1, iPadOS 16.7 and 17.0.1, and watchOS 9.6.3 and 10.0.1. Make sure you update your devices as soon as possible to ensure they are safe.
Related Posts
We review a lot of health wearables. This one tracks something most ignore.
We've discussed the Hume Band’s design ethos before; specifically, how its screen-free, fabric-wrapped profile respects your attention span. But for those who treat their health as a long-term asset, the form factor is secondary to the data.
Rokid’s AI glasses offer a more affordable route to wearables than Meta Ray-Ban
The AI Glasses Style is completely screenless and weighs just 38.5 grams, making it light enough to wear all day without discomfort. Instead of visual overlays, it relies on voice, audio, and a built-in 12MP Sony camera capable of shooting 4K video in clips up to 10 minutes.
Forget the watch, Apple’s AI Pin might be its next wearable move
According to the details shared so far, the wearable is still in the very early stages of development. In fact, Apple could launch it or even cancel it, depending on how engineering and market conditions evolve. That said, people familiar with the project say the company is targeting a 2027 release window, a move that would position Apple directly against other AI wearable efforts from competitors like OpenAI and others experimenting with similar form factors.