Apple Emergency Patch Preventing Vulnerabilities

Technology always runs the risk of having vulnerabilities. But when they do crop up, you want to make sure your company is taking care of them as quickly as possible.

Apple Emergency Patch Preventing Vulnerabilities

Technology always runs the risk of having vulnerabilities. But when they do crop up, you want to make sure your company is taking care of them as quickly as possible. In this case, Apple had a vulnerability affecting their iPhones, iPads, and Apple Watches. They recently released an emergency update patch for iPhones, iPads, and Apple Watches. This is the fourth Apple emergency patch they have had to issue this year due to vulnerabilities.

YouTube video

<span data-mce-type="bookmark" style="display: inline-block; width: 0px; overflow: hidden; line-height: 0;" class="mce_SELRES_start"></span><span data-mce-type="bookmark" style="display: inline-block; width: 0px; overflow: hidden; line-height: 0;" class="mce_SELRES_start"></span>

What Happened?

Google’s Threat Analysis Group detected the vulnerability. This group is an organization within Google that specializes in looking for all sorts of vulnerabilities. However, they don’t just focus on Google software and hardware. They also look at a bunch of technology out there.

They discovered a vulnerability in Apple’s Webkit browser engine. And the vulnerability is being actively exploited. What is happening is that it lets someone take control of those devices and monitor the activities of whatever you’re doing. This means the person has access to any texts you have sent and anything you have searched online. Also, if you’re shopping on Amazon through your iPad or iPhone, the person will be able to see your shopping habits, as well.

According to We Live Security, It is possible that remote attackers could trick victims into clicking on a specific link that would allow them to steal sensitive data, change the appearance of the website, or complete a phishing or drive-by-download attack.

It could also enable universal cross-site scripting. Essentially, this means that an attacker could easily send you to a malicious page they built, steal login credentials for a personal or business account, or send malware to your device to spy on it. They would also be able to take files from any cloud-based services you use.

Who is Affected?

The specific list of impacted devices are:

Any iPhone that is a 6s or later
Every version of the iPad Pro, iPad Air 2, and later
The fifth generation of iPad and later
iPad mini 4 and any after
7th generation of the iPod touch
Apple Watches

How Did Apple Respond?

It’s a pretty significant vulnerability, so Apple released emergency patches. They are telling people they need to apply them immediately. You will want to apply it to every one of your Apple devices, whether iPhone, iPad, or Apple Watch.

What You Need to Do

If you don’t have automatic updates set up, you will need to go into your settings and update them. You can go to Settings, then General, then Software Update. And you will see what version of the OS you currently have. There should also be a button to see if any updates are waiting to be installed. Click on that button and update to the newest version.

If you’re automatically set up for software updates, you should have seen a message notifying you there was an update available that needs to be installed. The problem is that many people turn those off because they are afraid a new update will mess with their device. In this case, you definitely want to apply this update. The longer you wait to update, the longer the window for a malicious hacker to steal your information.

Updates are the following:

for iPhones and iPad – 14.4.2.
for Apple, Watch OS is 7.3.3

At Alvarez Technology Group, we want to help you with your technology needs. Contact us today to find out more information.