Apple has released a pair of special software updates for older iPhone and certain iPad models. This was done to get rid of a dangerous flaw that could allow an attacker to remotely exploit the vulnerability which was given the tracking number CVE-2022-42856. CVE stands for common vulnerabilities and exposures.
The tech giant issued a security bulletin on Monday along with the two aforementioned updates, iOS 15.7.2 and iPadOS 15.7.2. The was disseminated to all iPhone 6s models, all iPhone 7 models, the first-generation iPhone SE, all iPad Pro models, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and the seventh-generation iPod touch.
The vulnerability was discovered by Clément Lecigne of Google’s Threat Analysis Group and was caused by a WebKit type-confusion error. In simple terms, something in the software code was not matching up with what the software was expecting. The attackers could then trick iPhone and iPad users into visiting a malicious webpage that was created by the bad actors allowing the device to fall under the control of the attackers. WebKit is the browser engine developed by Apple and is used on Safari and other browsers.
The seventh-generation iPod touch is one of the devices that received the iOS 15.7.2 update
With this attack, any command or code could be run on the targeted device, additional malware and spyware can be deployed, and a user’s personal information could be stolen. Or, as Apple says, “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.”
Don’t gloss over Apple’s statement because you’ll see that the company reveals that it is aware of a report that says the flaw was exploited on devices running versions of iOS older than the 15.1 release.
If you own one of the Apple devices mentioned in the second paragraph, you should install the update as soon as possible by going to Settings > General > Software Update.
Denial of responsibility! Gulehri.com is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – firstname.lastname@example.org. The content will be deleted within 24 hours.