Recommended NZ | Guide to Money | Gimme: Competitions - Giveaways

Call to update iOS devices ASAP - Kaspersky

Contributor:
Fuseworks Media
Fuseworks Media

Apple has released an urgent update for iOS and iPadOS that fixes the CVE-2022-22620 vulnerability. They recommend updating devices as soon as possible, as the company have reason to believe the vulnerability in WebKit is already being actively exploited by unknown actors.

Why this vulnerability is dangerous?The most likely attack scenario is an infection of an iPhone or iPad device after visiting a malicious web page.

At the moment, Apple experts only say the vulnerability belongs to the Use-After-Free (UAF) class - related to incorrect use of dynamic memory in applications. Its exploitation allows the attacker to create malicious web content, the processing of which can lead to arbitrary code execution on the victim’s device. (Apple experts do not disclose the details of the vulnerability until the investigation is completed, and the majority of users have the patches installed)

Which devices and apps are vulnerable?Judging by the description of the bug, the vulnerability was found in the WebKit engine used in many applications for macOS, iOS and Linux.

All browsers for iOS and iPadOS are based on this open source engine - not only iPhone’s default Safari, but also Google Chrome, Mozilla Firefox and any others. So even if you do not use Safari, this vulnerability still affects you directly.

Apple released updates for iPhones 6s and newer; all models of iPad Pro, iPad Air version 2 and newer, iPad starting with the 5th generation, iPad mini starting with 4th generation, and iPod touch media player starting with the 7th generation.

How to stay safe?To protect your device, install iOS 15.3.1 and iPadOS 15.3.1 updates. Your device needs to be connected to a Wi-Fi network to install the patch.

If your device does not yet show a notification that the update is ready for installation, you can force your system into updating a little bit quicker: go to the system settings yourself (Settings → General → Software update) and check the availability of software updates.

All articles and comments on Voxy.co.nz have been submitted by our community of users. Please notify us if you believe an item on this site breaches our community guidelines.