Update Your Devices!: New Apple Zero-Day Vulnerability

Earlier this month, Apple discovered a zero-day vulnerability that posed a risk to Mac and iOS devices across the board. The flaw specifically targets software – macOS and iOS systems – and the company reported that cybercriminals may have seized the opportunity to make use of the vulnerability. Read on to learn more about this kind of cyberattack and what you can do to protect yourself from it.

What is a zero-day vulnerability?

A zero-day vulnerability is a type of security risk where a cyberattack happens the same day that a vulnerability is detected. Security researchers and software developers don’t know much about zero-day vulnerabilities. A company may discover the security flaw before IT professionals are aware of it, so a patch isn’t immediately available. Because of this, zero-day attacks put users at higher risk for the below reasons:

• Attackers are quick to take advantage of these security risks to cash in on their schemes
• Devices and systems remain unprotected, until the vendor releases a patch

How exactly could it negatively affect my device?

Tracked by the Common Vulnerabilities and Exposures Report as “CVE-2022-32917”, not much is said about the flaw. According to MalwareBytes, it can possibly let an altered application to execute potentially malicious code with high level privileges that could compromise the core of the code in a system. This means that the attacker could make significant changes to your device. Apple stated that affected products include:

• Macs running macOS Monterey 12.6 and macOS Big Sur 11.7
• iPhone 6s and later
• All iPad Pro models, iPad Air 2 and later, iPads 5th generation and later, iPad Mini 4 and later
• iPod touch, 7th generation

What can I do to protect myself from this zero-day attack?

Since announcing the security risk, Apple released important updates for the affected products on September 12th. This includes updates for macOS Big Sur 11.7, Monterey 12.6, and iPad and iOS 15.7. We highly recommend updating your devices now if you haven’t already done so as part of your regular update routine.

Worried about compromised Apple devices or just want to take preventative measures? We at Orange County Computer are happy to help. Whether personal or for business, we’ll assist by protecting your systems from vulnerabilities like CVE-2022-32917. Don’t hesitate to contact us about Anti-Malware, Firewall, Security, and Disaster Prevention Solutions. Most importantly, ask us how we can move your applications and data into an all-around secure Virtual Desktop solution! Call us today at (949) 522-7709 – we look forward to working with you!