Apple Patches Actively Exploited Zero Day Threat On iPhone, iPad And Mac, Update Now
iPhones, iPads, and Macs share a significant security flaw labeled CVE-2022-22620. This particular flaw can potentially wreak havoc on an affected device by allowing arbitrary code execution. Arbitrary code execution allows an attacker to make the device execute any code they wish. If exploited, a malicious user could download a file, run it, bypass certain restrictions, gain full access to the computer or device, and you know where the story goes from there. The issue is part of Apple's WebKit API along with a function called Use After Free.
Affected devices include:
- Macs with macOS Monterey 12.2.0 and below
- iPhones and iPads with iOS or iPadOS 15.3.0 and below
iPhone and iPad devices that need to be updated include:
- iPhone 6s and later
- iPad Pro (all models)
- iPad Air 2 and later
- iPad 5th generation and later
- iPad mini 4 and later