A few days ago, Apple released an update to patch a couple of security flaws in its current operating systems. The company has now released iOS 15.7.9, iPadOS 15.7.9, macOS 12.6.9, macOS 11.7.10 to fix one of the security issues that affected older devices.
In case you missed it, here's what happened last week. Researchers at The Citizen Lab at The University of Toronto's Munk School, who had been analyzing an iPhone belonging to a member of a civil society organization in Washington, had discovered that the device was targeted in a Pegasus mercenary spyware attack. The experts had also found that the attack used a zero-day, zero-click vulnerability which required no interaction from the user. There was not just one, but two security loopholes in the operating systems, that had been targeted by cybercriminals.
The researchers had quickly reached out to Apple to report about the issues and to share their findings with the company, to help protect other users from similar targeted attacks. Apple's Security Engineering and Architecture team had acknowledged the bugs, and confirmed the fact that the flaws have been actively exploited by hackers. The Cupertino company released a patch a few days ago, to fix the flaws in the iOS 16.6.1, iPadOS 16.6.1, and macOS Ventura 13.5.2 updates. Interestingly, Apple had confirmed to the folk at Citizen Lab that Lockdown Mode, which is available for the three operating systems, had been successful in preventing the security attack. This feature is not available in older versions of iOS, iPadOS, and macOS, so the only way to stay safe is to keep your device up to date with the latest security updates.
Apple releases iOS 15.7.9, iPadOS 15.7.9, macOS 12.6.9, macOS 11.7.10
Since Apple had not released an update for older versions of its operating systems last week, I had speculated that the vulnerabilities possibly didn't affect older versions of macOS, but I was wrong. Or was I partially right? According to the release notes that have been published on the company's website, only one of the 2 actively exploited issues that I mentioned in the previous article, were found to impact macOS 11 Big Sur and macOS 12 Monterey. And as it turns out, it appears that iOS 15 and iPadOS 15 were also vulnerable to the security risk. The good news is Apple has patched the issue on all 4 operating systems, in order to protect users who have the old devices.
The security loophole in question, which was tracked under CVE-2023-41064, could allow maliciously crafted images to lead to arbitrary code execution. Apple fixed a buffer overflow issue with improved memory handling, to mitigate the problem. The security patch is available as part of the following updates: iOS 15.7.9, iPadOS 15.7.9, macOS 12.6.9 Monterey, macOS 11.7.10 Big Sur.
iPhones and iPads that are eligible for receiving the update include the iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation). It's great to see that Apple is being responsible in patching out security issues in iPhones that were released 7 years ago. It is even more impressive if you consider the fact that some Macs which run on Big Sur were launched over a decade ago.
Apple will release iOS 17 and iPadOS 17 today, during the iPhone 15 launch event.
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.