Overcome Zero-Day Vulnerability, Apple Releases Security Update for iPhone, iPad and Mac

JAKARTA - Apple released a security update for all its platforms at once. iPhone, iPad and Mac users should immediately install this fix as hackers are exploiting a vulnerability the company has.

On the security updates page, Apple states that there have been reports of security issues they have received, and may have been actively exploited.

Someone told the company they had observed hackers exploiting bugs against real-world targets, as opposed to vulnerabilities discovered by researchers in controlled environments.

Apple commends the anonymous researchers for the discovery, and also thanks Citizen Lab for their assistance.

Citizen Lab is a digital rights research group housed at the University of Toronto's Munk School, known for exposing misuse of government hacking tools such as those created by the NSO Group.

Apple spokesperson Scott Radcliffe said the company did not add anything other than what was in the release notes, quoted from TechCrunch, Wednesday, February 15.

According to reports, this latest bug is in WebKit, Apple's browser engine used in Safari, is a popular target for hackers, as it can open access to other device data.

An update now available for iOS 16, iPadOS 16, macOS Ventura and the latest edition of Safari that was available for earlier versions of macOS Big Sur and Monterey.

The iPhone, iPad, and Mac patch also closes a common kernel vulnerability that allowed apps to run arbitrary code with kernel privileges.

While the Mac fix addresses a bug that apps could exploit to observe unprotected user data.

As of 2021, Motherboard reports that in just the first four months of that year, Apple had patched seven wildly exploited bugs, six of which were in WebKit, a figure considered high by experts at the time.

As usual, the chances that the average iPhone user will be subject to a zero-day like this are slim, but users should still update their phone's operating system.