2:00pm, 4 May 2021
TLP Rating:
Vulnerabilities in Apple operating systems reportedly being actively exploited
Apple has released patches for vulnerabilities in iOS, ipadOS, macOS, and watchOS. The vulnerabilities allow an attacker to execute arbitrary code if a user opens malicious web content. There have been reports that these vulnerabilities are being actively exploited.
CERT NZ recommends all users of these operating systems immediately update their devices.
What's happening
Systems affected
Apple has stated the vulnerabilities affect products running the following operating systems:
- iOS and ipadOS 14 before 14.5.1
- iOS 12 before 12.5.3
- macOS before 11.3.1
- watchOS before 7.4.1
For a complete list of products that are able to be updated see the full list on Apples website. External Link
What this means
If a user opens maliciously crafted web content, an attacker can execute arbitrary code on the device.
What to look for
How to tell if you're at risk
If you are using devices running the following operating systems:
- iOS or ipadOS 14 before 14.5.1
- iOS 12 before 12.5.3
- macOS before 11.3.1
- watchOS before 7.4.1
What to do
Prevention
Apply the latest security updates as detailed in the relevant security update from Apple. External Link
More information
Apple security updates External Link
If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.
For media enquiries, email our media desk at certmedia@cert.govt.nz or call on 021 854 384
How helpful was this page?
This site is protected by reCAPTCHA and the Google Privacy Policy External Link and Terms of Service External Link apply.