In order to address a vulnerability that hackers were actively using to compromise Apple devices, Apple on Monday released a new version of the operating systems for the iPhone and iPad.
Apple stated that it “is aware of a report that this issue may have been actively exploited” on the security update page. Apple uses this terminology when someone informs the company that they have seen hackers using a bug to attack targets in the real world as opposed to a vulnerability discovered by a researcher in, so to speak, a controlled environment.
Apple acknowledged the discovery in this case was made by an unnamed researcher and thanked Citizen Lab “for their assistance.” The University of Toronto’s Munk School is home to Citizen Lab, a digital rights research organization well known for exposing the misuse of NSO Group-made government hacking tools.
According to Apple’s spokesperson Scott Radcliffe, the company has nothing else to say besides what is stated in the release notes. Senior Citizen Lab researcher Bill Marczak stated that as of right now, he and his team are silent.
This most recent flaw affected WebKit, Apple’s Safari browser engine, which has historically been a favorite target for hackers because it allows access to the rest of the device’s data.
Motherboard reported in 2021 that Apple had patched seven bugs that had been exploited in the wild in just the first four months of that year, six of which were in WebKit, a figure that at the time was thought to be high.
The situation has changed since then. Nine iOS bugs that “may have been actively exploited” since January 2022, four of which were in WebKit, according to TechCrunch’s vulnerability count. The other four were located in the operating system’s kernel, one in AppleAVD, the company’s framework for audio and video decoding, and three in IOMobileFrameBuffer, a kernel extension.
You should still update your phone even though it’s unlikely that an average iPhone user will be affected by a zero-day like this one.