If you use an iPhone, iPad, or macOS then now is a good time to grab the latest updates due to a zero-day vulnerability found. The latest updates, released yesterday, fix this up by patching the vulnerability.
On the security page at Apple it describes the impact as follows:
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
For iPadOS and iOS the update is 15.6.1 and is for the following devices:
- iPhone 6s and later.
- iPad Pro (all models)
- iPad Air 2 and later
- iPad 5th generation and later
- iPad mini 4 and later
- iPod touch 7th generation.
For macOS the update is 12.5.1 and is for the following devices:
- Any device running macOS Monterey (the newest OS released October 2021)
For watchOS, 8.7.1
- Only affects Apple Watch Series 3
For those using macOS Big Sur or macOS Catalina, Safari has an update that takes it to version 15.6.1.
What is a Zero-Day Exploit?
This exploit was zero-day until it was patched. The definition of a zero-day vulnerability is a vulnerability that has been disclosed but not yet patched. They are classed as higher risk because they are known about, and no patch exists, which gives hackers the advantage. Now that Apple has released a patch, it would be wise to install it quickly to prevent attempts at gaining unauthorised access to your Apple device.
Source: Apple
