Apple has issued a warning about a vulnerability that enables hackers to take control of iPhones, iPads, and Mac computers and is advising customers to apply urgent software updates. Some iPod models are affected as well.
The IT giant published patches on Wednesday (17 August) and Thursday to address what it claimed was a vulnerability that hackers were already aware of and potentially exploit.
"Apple is aware of a report that this issue may have been actively exploited," the Silicon Valley-based company said.
Apple did not say whether it was aware of how widely the problem had been abused. On Wednesday, it published two security assessments on the problem, but they didn't draw much notice outside of tech magazines.
According to the technical description, a hacker may utilize the vulnerability to take over a device and access all of its data and functionalities. Intruders would be able to impersonate the device's owner and then run any software in their name, according to Rachel Tobac, CEO of SocialProof Security.
Patches were made available for iPhones, iPads, and Mac computers running vulnerable operating systems. Users are advised to update affected devices, which include the iPhone 6S and later models, several iPad models, including the 5th generation and later, all iPad Pro models, and the iPad Air 2; and Mac computers running MacOS Monterey. Some iPod models are also affected by the flaw.
The reports do not specify how, where, or by whom the vulnerabilities were found, according to Apple. It referenced an unnamed researcher in each incident.
Commercial spyware organizations like Israel's NSO Group are renowned for spotting and exploiting these weaknesses in malware that covertly infects targets' smartphones, siphons their information, and continuously monitors the targets.
The U.S. Commerce Department has placed NSO Group on a "blacklist." Its spyware has reportedly been used against journalists, dissidents, and human rights campaigners in Europe, the Middle East, Africa, and Latin America.
Will Strafach, a security expert, claimed that he has not seen any technical examination of the vulnerabilities that Apple has just patched. The company had previously disclosed comparable critical problems and highlighted that it was aware of claims that these security weaknesses had been exploited about a dozen different times.
The warning comes ahead of Apple's traditional September launch of the latest iPhone, which is expected to be called the iPhone 14 this year.