‘Malicious content’ bad news for those of us who depend on Apple products for their work

appleproductlineup-800x313

Sky News was amongst a number of media outlets reporting yesterday (18th August, 2022) that premium electronics manufacturer, Apple Inc, had disclosed serious security vulnerabilities for iPhones, iPads and Macs.

The models affected include the iPhone 6S and later, newer iPads, and Macs running the operating systems of ‘Monterey’ and above, with the flaws potentially enabling hackers to gain full access to the devices.

Which is bad news for Neil Wilby, the author of this article, who works with a trusty XR iPhone, iPad Air 2 and MacBook Air. Bought, on a stretched budget, for their robustness, reliability, longevity and [apparent] effectiveness against security breaches. Important to a vocation as a journalist working in varied locations, including court reporting, for long hours and where, inevitably, confidential and sensitive material is either in use or archived.

Apple say that the vulnerability could allow attackers to take complete control of devices, adding that they are “aware of a report that this issue may have been actively exploited”.

In a security update on its support page, Apple said one of the flaws means a malicious application “may be able to execute arbitrary code with kernel privileges” – which TechCrunch describes as meaning full access to the device.

TechCrunch also reported that the other – a WebKit bug – could be exploited if a vulnerable device accessed or processed “maliciously crafted web content [that] may lead to arbitrary code execution”.

Security experts have advised users to urgently update affected devices.

Apple has not released any further information on how many users were affected by the vulnerability.

Rachel Tobac, the CEO of SocialProof Security, said Apple’s explanation of the vulnerability meant a hacker could get “full admin access to the device” so that they can “execute any code as if they are you, the user”.

Those who should be particularly attentive to updating their software are “people who are in the public eye”, such as activists or journalists who might be the targets of sophisticated nation-state spying, Ms Tobac said.

So far, and fingers crossed, Neil Wilby’s devices, all now security updated, appear to be functioning normally and no unusual activity has been detected.

Page last updated Friday 19th August, 2022 at 1415hrs

Thank you for reading and a polite request: If you wish to make a contribution to the running costs of this website it would be very much appreciated. Donations can made securely, via PayPal at this link.

Corrections: Please let me know if there is a mistake in this article. I will endeavour to correct it as soon as possible.

Picture credits: Facebook

Right of reply: If you are mentioned in this article and disagree with it, please let me have your comments. Provided your response is not defamatory it will be added to the article.

© Neil Wilby 2015-2022. Unauthorised use, or reproduction, of the material contained in this article, without permission from the author, is strictly prohibited. Extracts from, and links to, the article (or blog) may be used, provided that credit is given to Neil Wilby Media, with appropriate and specific direction to the original content.

Published by Neil Wilby

Former Johnston Press area managing director. Justice campaigner. Freelance investigative journalist.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: