Apple patches dangerous vulnerability on older iPhones, iPads and Macs

iOS 15.7.5, iPadOS 15.7.5, macOS Monterey 12.6.5, and macOS Big Sur 11.7.6 fix a dangerous vulnerability that Apple says could have been exploited in a real-world environment.

• What’s happening? Apple has released new updates to iOS 15.7.5, iPadOS 15.7.5, macOS Monterey 12.6.5, and macOS Big Sur 11.7.6 for older devices.
• Why care? The releases fix the vulnerability exploited by the attackers. Updating your devices will protect you from this dangerous vulnerability.
• What to do? Use the Apple Software Update feature to install updates.

Apple patches dangerous vulnerability on older iPhones, iPads and Macs

On April 10, 2023, Apple released critical software updates for older iPhones, iPads, and Macs to fix an exploit that could allow a rogue app to execute dangerous code with kernel privileges. The company has already addressed this issue for newer devices capable of running its latest and greatest operating systems, and now the same fix has been released for older devices.

Here are the updates that Apple released today:

• iOS 15.7.5 for 1st generation iPhone SE, all iPhone 6s and iPhone 7 models, and 7th generation iPod touch.
• iPadOS 15.7.5 for iPad Air 2 and iPad mini 4th generation.
• macOS Monterey 12.6.5 for all Macs running any version of macOS Monterey.
• macOS Big Sur 11.7.6 for all Macs running any version of macOS Big Sur.

How to install iOS 15.7.5, iPadOS 15.7.5, macOS Monterey 12.6.5 and macOS Big Sur 11.7.6

You can install these updates through the Apple Software Update mechanism. To download and install iOS or iPadOS 15.7.5, go to Settings > General > Software Update, then tap Install Now or Download and Install.

To apply the macOS Monterey 12.6.5 or macOS Big Sur 11.7.6 update, click the Apple menu and choose System Preferences, then click the Software Update icon. When your Mac has finished checking for updates, click the button to download and install macOS Monterey 12.6.5 or macOS Big Sur 11.7.6.

What’s new in iOS 15.7.5, iPadOS 15.7.5, macOS Monterey 12.6.5, and macOS Big Sur 11.7.6?

The updates fix an exploit that could allow an application to execute arbitrary code with kernel privileges. “Apple is aware of a report that this issue may have been heavily exploited,”the company notes. This has been fixed with improved input validation.

Details are available in Apple’s security documents:

• About the security components of macOS Big Sur 11.7.6
• About the security features of macOS Monterey 12.6.5
• About the security components of iOS 15.7.5 and iPadOS 15.7.5

In addition to the aforementioned fix, iOS 15.7.5 and iPadOS 15.7.5 also include a fix for a WebKit (Safari rendering engine) issue where rendering malicious web content could lead to arbitrary code execution.

This problem has also been actively exploited in the wild. Don’t worry, Apple fixed both vulnerabilities on its other devices with iOS 16.4.1, iPadOS 16.4.1 and macOS Ventura 13.3.1 software updates. Safari 16.4.1 was separately submitted via a Software Update to fix the above WebKit issue on Big Sur and Monterey Mac computers.

Should I update as soon as possible?

At the heart of macOS, the kernel is in complete control of everything in the operating system, interacting between software and hardware. Allowing a rogue application to execute malicious code with kernel privileges opens the door to all sorts of nasty security and privacy breaches. This is why this particular exploit is dangerous and why Apple bothered to release a fix for older devices.

Yes, you should update as soon as possible!