Apple has released a special software update for older iPhones and certain iPad models. This was done to remove a dangerous flaw that could allow an attacker to remotely exploit a vulnerability given a tracking number. CVE-2022-42856. CVE stands for Common Vulnerabilities and Exposures.
Issued by a tech giant Along with the two aforementioned updates, iOS 15.7.2 and iPadOS 15.7.2, we published a security bulletin on Monday. All models of iPhone 6s, all models of iPhone 7, first generation iPhone SE, all models of iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and 7th generation iPod.
The vulnerability was discovered by Clément Lecigne of Google’s Threat Analysis Group and was due to a WebKit type confusion error. Simply put, something in the software code did not match what the software expected. An attacker can then trick her iPhone and iPad users into visiting her malicious webpage created by a malicious person, and put the device under the attacker’s control. WebKit is the browser engine developed by Apple and used by browsers such as Safari.
The 7th generation iPod touch is one of the devices that received the iOS 15.7.2 update.
This attack can execute arbitrary commands or code on the targeted device, deploy additional malware or spyware, and steal user’s personal information. Or, as Apple puts it, “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of reports that this issue may have been actively exploited against versions of iOS released prior to iOS 15.1. ”
Don’t take Apple’s statement lightly, as it clarifies that the company is aware of reports of this vulnerability being exploited on devices running versions of iOS older than the 15.1 release.
If you own any of the Apple devices mentioned in the second paragraph, you should visit the following URL and install the update as soon as possible. Configuration > Universal > software updates.
Source link
