What should Apple users do as iPhones, iPads and Macs hit by 'hacker' security warning?

Correspondent Sejal Karia explains what Apple's announcement means for consumers

Apple has discovered serious security vulnerabilities affecting some iPhones, iPads and Macs that could potentially allow attackers to take complete control of the devices.

The tech giant said it is “aware of a report that this issue may have been actively exploited”. However, there have so far been no confirmed specific cases where the security flaw had been used against people or devices.

Users have been advised to update devices that may have been affected.

Do I need to update my device?

Apple said it has issued "important security updates" recommended for all users of certain devices.

They include:

  • iPhones 6S and later models

  • several models of the iPad, including the fifth generation and later

  • all iPad Pro models and the iPad Air 2

  • Apple Watch

  • Mac computers running MacOS Monterey

  • Some iPod models. 

What impact might the flaw have?

The Apple’s products' vulnerability could allow a hacker could get “full admin access” to the device, experts have warned.

That would allow intruders to impersonate the device’s owner and subsequently run any software in their name, said Rachel Tobac, CEO of SocialProof Security.

Apple did not give specifics on how many users were affected by the vulnerability, or a full list of affected devices and models. In all cases, it cited an anonymous researcher.

Should I be worried?

Cybersecurity experts have encouraged the public to update their devices as soon as possible to protect themselves against the flaw, but also urged people not to panic.

Brian Higgins, security specialist at Comparitech, said: “It’s very rare for them to go public like this, which means everyone should take this threat seriously and update as soon as they are able.

“If Apple think it’s so serious that they need to go public, then if you haven’t already installed iOS 15.6.1 you need to go and do it right now.”

Sam Curry, chief security officer at Cybereason, said it wouldn’t be "prudent" for users to panic about the flaw.

There have so far been no confirmed reports of specific cases where the security flaw had been used against people or devices. Credit: Unsplash

“While the vulnerability could allow threat actors to take full control of a device, stay calm and simply get control of your devices and download the software updates available from Apple," he said.

Those who should be particularly aware about updating their software are “people who are in the public eye” such as activists or journalists who might be the targets of sophisticated nation-state spying, Ms Tobac said.

Commercial spyware companies, such as Israel’s NSO Group, are known for identifying and taking advantage of such flaws, exploiting them in malware that surreptitiously infects targets’ smartphones, siphons their contents and surveils the targets in real time.

Want a quick and expert briefing on the biggest news stories? Listen to our latest podcasts to find out What You Need To Know