These vulnerabilities were disclosed in a software update, which the company said should safeguard the products. The first issue involved the potential for an application to execute arbitrary code with “kernel privileges,” which refers to a discrete right to perform an operation. The second issue, according to Apple, was in WebKit, which is a layout engine designed to allow web browsers to render web pages. Apple said it was “aware of a report that this issue may have been actively exploited.” The issue could allow a potential attacker to take complete control of these devices.
Security experts have advised users to update affected devices — iPhone 6 and later models; several models of the iPad, including the 5th generation and later, all iPad Pro models and the iPad Air 2; and Mac computers running MacOS Monterey. The vulnerabilities also affects the iPod Touch 7th generation models.
Apple’s explanation of the vulnerability means a hacker could get “full admin access to the device” so that they can “execute any code as if they are you, the user,”
Those who should be particularly attentive to updating their software are “people who are in the public eye,” such as activists or journalists who might be the targets of sophisticated nation-state spying.
Ref: Associated Press