CISA Requiring Federal Agencies to patch known iPhone and Mac OS exploits immediately!
What’s the issue?
Apple has released emergency security updates to address two zero-day vulnerabilities that have been exploited in recent attacks affecting iPhones, iPads, and Macs. These vulnerabilities could allow attackers to execute arbitrary code with kernel privileges or execute malicious code on hacked devices.
What’s the risk?
Although the exploits were likely used in highly targeted attacks, it’s essential to install these emergency updates as soon as possible to prevent potential attacks.
The list of affected devices is extensive and includes the following:
· iPhone 8 and later,
· iPad Pro (all models),
· iPad Air 3rd generation and later,
· iPad 5th generation and later,
· iPad mini 5th generation and later, and
· Macs running macOS Ventura.
What’s the solution?
Apple has released updates for these vulnerabilities in iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1, and Safari 16.4.1, with improved input validation and memory management.
Important Action
To secure your devices against these vulnerabilities, it’s crucial to install the updates released by Apple as soon as possible. We strongly advise updating all iOS, iPadOS, and macOS devices immediately to address the two zero-day vulnerabilities.
This is a serious, wide-reaching issue and the Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive calling for patching of these vulnerabilities by federal agencies by May 1st, 2023.
If you have any questions, concerns or would like to discuss proper patch management please reach out to our team here at D1 Defend.
