Make sure your devices are always patched and up to date. Apple has reported on Wednesday a serious out of bounds write issue that affects iOS, iPadOS and macOS. They’ve created a CVE for it, but have not yet filed the details.
This exploit is actively being used in combination with a Webkit exploit. It allows injection via the Safari browser (theoretically, this exploit may be available on Linux as well through the KDE project’s Konqueror browser). The associated CVE has been created, but the details have not yet been filed.
The exploit affects:
- iPhone 6s or later
- iPad Pro (all models)
- iPad Air 2 and later
- iPad 5th gen and later
- iPad mini 4 and later
- iPod Touch 7th gen
It can be patched by updating to iOS 15.6.1 or iPadOS 15.6.1.
For macOS, this exploit can be patched by updating to Monterey 12.5.1.