Vulnerability at Apple: Hackers could access mobile phone data - these devices are affected
Created: 2022-08-24 04:59
By: Jörg Heinrich
Apple warned that a vulnerability could allow hackers to take control of devices and access data.
The gap has been fixed - Apple users should still be careful.
Munich – Apple also justifies the high prices for its devices with the fact that they should be particularly safe.
This is usually the case.
Because hardware and software come from a single source, the US group can "seal" its cell phones, tablets and computers very well.
However, it is now evident that Apple cannot offer absolute security against hackers either.
Because in millions of iPhones, iPads and Mac computers there is such a serious security hole that Apple is urging its users to update the software on their devices.
The security specialist Sophos speaks of "emergency updates" that have now been released.
What gaps is the Apple alert about?
Anonymous experts have discovered two so-called zero-day vulnerabilities on the devices.
The term stands for errors that are so serious that the manufacturer has practically zero days to fix them.
The vulnerabilities affect Apple's Safari browser and its technology called WebKit, which is mandatory on iPhone and iPad.
Safari is also used on the Mac, but there are alternatives without WebKit in the form of Chrome and Firefox.
Users surfing with Safari and other WebKit browsers run the risk of hackers taking complete control of their devices simply by accidentally visiting a specially crafted website.
According to Apple, the gap could already have been actively exploited by hackers.
How big are the dangers?
The risks that Sophos experts list sound like a nightmare scenario.
Among other things, attackers can spy on all running apps, load and start additional apps on the devices, access almost all data, change security settings, tap cameras and microphones and track surfing behavior.
Spying on bank details and passwords, the theft of photos or documents are just some of the dangers.
Apple warns of a vulnerability that hackers could use to access private data.
(symbol photo) © imageBROKER/Valentin Wolf/Imago
Apple security leak: Which devices are affected?
iPhone 6S (2015) and all later iPhones up to the current iPhone 13
All models of iPad Pro
iPad Air 2 (2014) and later
iPad 5 (2017) and later
iPad mini 4 (2015) and later
iPod Touch 7 (2019)
Mac computers running Catalina operating systems (2019)
Big Sur (2020) and Monterey (2021)
also read
DHL is changing the rules for receiving parcels: customers have to be prepared for this
Lidl and Kaufland: Something is changing in the parking lots – “Contribution to the traffic turnaround”
What must Apple users do now?
Because there is no automatic update, the most important step is to update the software as soon as possible.
This works via the settings of the device (the symbol with the gray gear wheel) and there in the menu "General => Software update" (iPhone and iPad) or "Software update" (Mac).
The new and secure versions iOS 15.6.1 (iPhone), iPadOS 15.6.1 (iPad) and macOS Monterey 12.5.1 (Mac) should be available there for installation.
Safari browser updates are available for Catalina and Big Sur.
Shouldn't Apple devices be extra secure?
Basically yes.
Because Apple rigorously seals its App Store and does not allow installations from third-party sources, the devices are considered relatively safe.
The operating systems also rarely have gaps.
And in contrast to Android, which has recently significantly improved security, all Apple users always have immediate access to new, secure operating system versions - for a good five years.
According to anti-virus experts at Panda, 47.2 percent of all web security vulnerabilities occur on Android - and less than one percent on the iPhone.
Apple has not yet announced how the undoubtedly embarrassing security meltdown could come about.
WhatsApp, Threema & Co: Will users soon be able to chat with each other between the different platforms?
An EU law regulating big Internet companies gives advantages to smaller companies.