PSA: Safari Security Flaw 'Actively Exploited,' Update Your Apple Devices Now
This week, Apple released critical software updates for Safari which fix a security flaw that exists in the browser across iPhone, iPad, and Mac platforms. Here's what you need to know.
Specifically, the platform-wide fix is for a vulnerability in Safari's WebKit engine that Apple believes may have been "actively exploited" in the wild by hackers.
The flaw, according to Apple, could allow bad actors to "process maliciously crafted web content" that may lead to "arbitrary code execution."
An additional fix that exists in the latest update for macOS Monterey, 12.5.1, relates to a vulnerability that may allow an application to "execute arbitrary code with kernel privileges."
In other words, it could allow hackers to access the deepest layer of the operating system and take complete control of the affected device. Apple says it is aware of a report that this issue may also have been actively exploited.
If you haven't updated already, it's important to do so at the earliest opportunity. The latest critical updates are as follows:
To update your iPhone or iPad, head to Settings -> General -> Software Update. To update your Mac, open System Preferences and select the Software Update preference pane.
Popular Stories
Apple and Meta have opposed a Canadian bill that the companies say could force them to create backdoor access to encrypted user data, should it pass through the country's parliament.
Proposed by Canada's ruling Liberal Party, Bill C-22 contains provisions that could be similar to a UK data access provision order sent to Apple last year, depending on how they are implemented.
Back in Feb...
Apple recently announced that Tim Cook will be stepping down as CEO later this year, after 15 years of leading the company.
Effective September 1, Apple's hardware engineering chief John Ternus will become the company's next CEO, while Cook will become executive chairman of Apple's board of directors. In his new role, Apple said Cook will assist with "certain aspects" of the company,...
Instagram will remove end-to-end encryption for direct messages between users from May 8, 2026. When the date comes around, Meta will potentially be able to see the contents of all messages between users on the social media platform.
Encrypting messages has been an optional feature in Instagram since 2023, but in March of this year the social media platform quietly updated a help page to say ...
