Security News > 2022 > August > iPhone Users Urged to Update to Patch 2 Zero-Days

Apple is urging macOS, iPhone and iPad users immediately to install respective updates this week that includes fixes for two zero-days under active attack.

Patches address two flaws, which basically impact any Apple device that can run either iOS 15 or the Monterey version of its desktop OS, according to security updates released by Apple Wednesday.

One of the flaws is a kernel bug, which is present both in iOS and macOS. According to Apple it is an "Out-of-bounds write issue [that] was addressed with improved bounds checking."

One expert expressed worry that the latest Apple flaws "Could effectively give attackers full access to device," they might create a Pegasus-like scenario similar to the one in which nation-state APTs barraged targets with spyware made by Israeli NSO Group by exploiting an iPhone vulnerability.

The onus is not only on vendors to protect these devices but also for users to be more aware of existing threats, Whaley observed.

"While we all rely on our mobile devices, they are not invulnerable, and as users we need to maintain our guard just like we do on desktop operating systems," he said in an email to Threatpost.

News URL

https://threatpost.com/iphone-users-urged-to-update-to-patch-2-zero-days-under-attack/180448/