Apple releases emergency updates to address critical issues.
Apple (iPhone Emergency Updates) released emergency security fixes for iOS 15 and macOS 12 Monterey today (March 31), addressing two zero-day security holes that may have already been exploited by unidentified hackers.
If you have an iPhone 6s, an original iPhone SE, or any later iPhone model, or a Mac that can run Monterey, you should upgrade it right away. All iPad Pro models, the seventh-generation iPod Touch, the iPad Air 2 and later, the iPad Mini and later, and the fifth-generation iPad and later are affected in the same way.
These devices will require an update to iOS 15.4.1, iPadOS 15.4.1, or macOS Monterey12.3.1, which were all released today. (Apple’s watchOS and tvOS both received upgrades today, though no security patches appear to have been included.)
Table of Contents
iPhone Emergency Updates Hackers attacking Apple
Your Apple device should let you know that an update is available. Otherwise, go into Settings > General > Software Update on an iPhone or iPad, or System Preferences > Software Update on a Mac.
Serious flaws that reach into the kernel
The Mac update addresses two security flaws. The first is CVE-2022-22674, which is a flaw in the Intel graphics driver that allows an app to read kernel memory, the operating system’s inner workings.
This capability could allow a application to steal passwords, digital verification signatures, and other sensitive data used by current operating systems to keep things secure.
The second problem affects the AppleAVD media decoder and is designated as CVE-2022-22675. As Apple put it in its security advisory, it might allow a application to “run arbitrary code with kernel privileges.”
That’s a big deal since it essentially gives an app God mode, which means it can do whatever it wants on your Mac, iPhone, or iPad.
CVE-2022-22675 is also present on iOS and iPadOS, and it was the only vulnerability addressed in today’s releases. It should go without saying that it sounds just as harsh on mobile devices as it does on Macs.
(CVE stands for “common vulnerabilities and exposures,” which is how the federal government of the United States categorises information-security issues.)
“An unidentified researcher” was credited with informing Apple of both issues.
Who’s behind these attacks?
In all circumstances, a malicious application must first gain access to your Mac, iPhone, or iPad in order to carry out its evil deeds, but this isn’t impossible if the app takes use of a “zero-day” hole that Apple is unaware of until after the malware has been installed.
“Apple is aware of a report that this problem may have been actively exploited,” says the disclaimer for each of these flaws.
In other words, these flaws have already been exploited to attack Macs, iPhones, and/or iPads. Apple isn’t stating who it is, but it’s most likely a nation-state hunting down political dissidents or other undesirables.
In recent years, China has used iOS weaknesses to spy on Uyghur activists, while Middle Eastern governments have purchased commercial iOS malware to track dissidents and human-rights campaigners.
So, do you think you’re at a significant danger of being attacked because of these flaws? Probably not at this time.
However, you should upgrade your iDevices anyway, since as you read this, criminal hackers who are far less selective in who they target are dismantling Apple patches and attempting to exploit these flaws. It’s only a matter of time before these flaws are exploited in a large-scale attack.
The iOS 15.4.1 update not only fixes security flaws, but it also fixes a battery draining issue that some users have observed after installing the original iOS 15.4 upgrade.