Recently, we provided information surrounding an alert for Apple Macs and Ipads which may place older devices and their users in the dark. Just hours later, another warning has been issued that affects Apple iOS and iPad risk alerts. If you have questions, or would like to have your machines reviewed, please contact our Help Desk.
Potential Impact For: Apple iPhone, iPad, iOS and OS13 Ventura Users
The latest alert warns iOS and iPadOS users who have updated to version 16.1 and 16 that there are major security vulnerabilities that allow kernel code execution. A program that runs in kernel mode has full access to the device hardware and can execute any CPU instruction, access any memory address, and essentially do anything it wants. The bug has been dubbed CVE-2022-42827. While Apple is expected to create updates and patches to address these issues, the only way to be sure you are not affected is either:
- Don’t download the version 16 and 16.1 updates until a patch has been released.
- Update the patches early and often.
Recently, risks and updates for macOS13 Ventura users included vulnerabilities and security holes which allowed rogue code to run on devices with system privileges. According to naked security by Sophos, “On top of that, there are two elevation-of-privilege (EoP) bugs listed for Ventura that we assume could be used in conjunction with some, many or all of the remaining 14 non-system code execution bugs to form an attack chain that turns a user-level code execution exploit into a system-level one.” Apple iOS and iPad risk alerts have become more problematic in recent years.
In August of 2022, Apple disclosed serious security vulnerabilities that could potentially allow attackers to ‘get full admin access’ and take over user devices. This spyware could allow an intruder to impersonate the device owner, exploit malware and infect the phones, and even surveil the target device in real time. For these previous attacks, users were advised to update their phones immediately.
At Conscious Networks, we stay up to date on all of the latest technology alerts to keep our clients, and their users, informed of the latest information for software, hardware, virus, malware, and cyber security threats. Contact us today to learn more about our information technology services.
Security Alert: 10/25/22