APPLE has patched three major security bugs that may have exposed millions of iPhone owners to cyber crooks.
The vulnerabilities in the iPhone software were actively under attack by hackers, and could have been exploited to remotely access your mobile.
They were fixed in an update to Apple’s iOS software rolled out by the California company this week.
iPhone and iPad users have been urged to update their devices as soon as possible to protect themselves from cyber attacks.
Apple highlighted the mended security holes on Tuesday in its patch notes for the iOS 14.4 and iPad OS 14.4 updates.
Under kernel updates, the company notes that “a malicious application may be able to elevate privileges.”
Under WebKit updates, it says “a remote attacker may be able to cause arbitrary code execution.”
Perhaps most worrying is the iPhone-maker’s admission that the vulnerabilities were being actively exploited by hackers.
“Apple is aware of a report that this issue may have been actively exploited,” the company wrote.
The update notes don’t give any further details, meaning there’s no way of knowing how many people may have been affected.
To protect yourself against the exploits, you should update your Apple gadgets at your earliest convenience.
To get the update, head to Settings > General > Software Update on your iPhone or iPad.
How to stay safe from hackers
- Protect your devices and networks by keeping them up to date: use the latest supported versions, use anti-virus and scan regularly to guard against known malware threats.
- Use multi-factor authentication to reduce the impact of password compromises.
- Tell staff how to report suspected phishing emails, and ensure they feel confident to do so, investigate their reports promptly and thoroughly.
- Set up a security monitoring capability so you are collecting the data that will be needed to analyse network intrusions
- Prevent and detect lateral movement in your organisation’s networks.
This will show you any available software updates, including iOS 14.4.
Don’t worry if the update isn’t there yet, it’s still rolling out and may not have reached some regions just yet.
Experts praised Apple for fixing the security holes but suggested that the extent of the damage may yet prove to be substantial.
Sam Curry, chief security officer at Cybereason, said: “Apple admitting to iPhone security vulnerabilities is about as rare as someone getting struck by lightning.
“Kudos for them for releasing iOS 14.4 with patches for the three identified bugs.
“What we won’t know for some time is how widespread the threat is. That information is reportedly forthcoming.”
In other news, a hacker has exposed the private details of 2.3million people after breaking into a popular dating service.
A hacker locked up people’s penises earlier this month by remotely accessing “smart” chastity cages – and demanded a $750 ransom.
A new tool called “Bufferi.ng” claims it can help people fake a bad video call connection so you can take a break from meetings.
What do you make of the iPhone hack? Let us know in the comments!
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
This post first appeared on Thesun.co.uk