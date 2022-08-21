Share the joy

You should update now.

Fixing Security Holes

Apple released iOS 15.6.1. It warned its users to update now to fix two security holes present on iPhones. The latest update fixes an issue in the iPhone Kernel that could let an app execute code with kernel privileges. The company is already aware that hackers may have already exploited the vulnerability.

The update also patched a flaw in Webkit. The flaw could enable arbitrary code execution. Attackers may have already used it in real-life scenes.

Apple strongly recommends users update their iPhone to iOS 15.6.1. ASAP.

Unfortunately, though, some iPhone users don’t like updating their devices. Others update their device but they still wait for a while before all bugs are fixed. But this update is an exception considering the issues that may arise if hackers would attack your device.

What Devices are Vulnerable?

Most iPhones are affected. But Apple specifically stated that the iPhone 6s and later models are affected. iPad Air 2 and later versions must also be updated.

Although Apple encourages users to update as soon as possible, it has not disclosed the severity of the flaw that has been exploited. But hackers could take control of a device’s operating system. They could execute arbitrary code and infiltrate devices through malicious web content.

The vulnerability also affects Mac computers that run MonteryOS and Safari Browser on Big Sur and Catalina OS.

Before Apple released the patch, the flaws would have been categorized as zero-day bugs. The weaknesses are vital for attackers. They are valuable on the market because brokers can buy them for millions of dollars.

A broker can pay half a million dollars for a security weakness that would allow a hacker to attack a user through Safari. And if it is a fully developed malware, a broker could pay $2 million. A fully developed malicious program can easily hack an iPhone without the user’s interaction. It means that an attack can happen without the need for the user to click on anything.

Commercial spyware companies are known to take advantage of those vulnerabilities. They can exploit them to infect the target’s phones, siphon their content and survey the targets in real-time.

NSO Group

The US commerce department has already blacklisted NSO Group. It has a spyware program that is now being used in the Middle East, Europe, Africa, and Latin America against human rights activists, dissidents, and journalists.

Before, Apple marketed its iPhones as unhackable. Nowadays, though, hackers could easily attack iPhone users. However, compared to Android security, iOS security is stronger. Nevertheless, you mustn’t rely on Apple to protect your data. Instead, you, as a user, must develop good data security habits.

Sketchy apps are some of the reasons iPhone can get hacked. They can spy on you if you let them. The most common targets for malware are apps with free wallpapers or ringtones. Well-rated apps may also be malicious. That’s why it is vital to be wary of some apps. If it consumes a lot of power, it may be performing more tasks than advertised.

Right now, the only thing you can do is update your Apple device.

