iPhones, iPads and Macs are the target of hackers. By exploiting a zero-day security hole, hackers are able to take control of your device and steal your data. To protect you, Apple has rolled out a series of updates: iOS 15.4.1, iPadOS 15.4.1 and macOS Monterey 12.3.1.
This Thursday, March 31, Apple launched the deployment ofa security update on their devices. On all compatible iPhones, the Cupertino giant has deployed iOS 15.4.1. This is the first fix offered since the arrival of the big iOS 15.4 update. This intermediate update promises to increase the autonomy of the most recent iPhones, such as the iPhone 13. On the iPad side, the brand is pushing iPadOS 15.4.1.
According to the brief changelog published by Apple on its official website, this update is mainly aimed at fix a serious security flaw identified by an anonymous researcher. The company claims to be “aware of a report that this issue may have been actively exploited”.
Read also: iOS 15 hides certain private information from users, advertisers are on the teeth
Apple claims that hackers have already exploited the flaw
The flaw can allow an application “execute arbitrary code with kernel privileges”. Concretely, a hacker can exploit this failure to take control of your device. With kernel privileges, the attacker is free to do whatever they want on your remote terminal. It can in particular seize your data, activate or deactivate functionalities (webcam, etc.) or spy on your communications.
The breach also affects Macs running the latest version of the operating system, macOS Monterey. On the security notice dedicated to Macs, Apple also argues that hackers have actively exploited the flaw to seize certain terminals.
To correct the situation, Apple is deploying macOS Monterey 12.3.1 Update on his computers. Mirroring iOS 15.4.1 and iPadOS 15.4.1, the firmware fixed the issue “out of bounds writing” by “better boundary checking”. As a precautionary measure, we advise you to quickly install the update on your device.
On Mac, Apple also corrects a security vulnerability relating to an Intel graphics driver. Failure allows an application to‘access kernel memory. In theory, the breach makes it possible to steal data such as passwords.