Apple Zero-Day Vulnerability Oct 25

In today’s SensCy Cyber Alert, your SensCy team urges Apple product users to install the new updates immediately. The new update remediate a zero-day vulnerability in the iOS and iPadOS that has been exploited in the wild. Aside from the zero-day vulnerability, the new update also addresses 19 other security vulnerabilities. The update is available for iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generations and later, iPad 5th generation and later, and iPad mini 5th generation and later.

What is a zero-day vulnerability?

In cybersecurity, a zero-day vulnerability refers to a vulnerability in a system or device that has been disclosed but not yet patched. The vulnerability was discovered before developers and security researchers were aware of it and could provide a patch/update.

This new zero-day, identifier CVE-2022-42827, is an out-of-bounds write issue in the Kernel, according to Apple, it could be used by a rogue application to execute arbitrary code with the highest privileges. Apple is “aware of a report that this issue may have been actively exploited.”

How to check for new updates:

SensCy highly recommends turning on the Automatic Update on all Apple devices and products.

On your iPhone/iPad, go to the Settings App, scroll down to General, Click Software Update, Turn on Automatic Updates, and Download iOS 16

On your Mac, choose Apple menu > System Preferences, then click Software Update.

To automatically install macOS updates, select “Automatically keep my Mac up to date,” choose Apple menu > System Preferences, then click Software Update.

If you need additional information, use these Apple links:
iPhone/ iPad: macOS