#55 – Update Apple Devices Now


img_4479

EFFECTED USERS: Every iPhone, iPad and Macbook Users.  Possibly Apple TV and other Apple Users.

Hair of fire 5 of 5

SUMMARY: UPDATE NOW!! Very Serious vulnerability on multiple apple devices

A hacker can control your iPhone, iPad or Macbook.

What to do: Check for updates:

Apple or iPad:

  1. Settings App.
  2. Top of third section: tap ‘General”
  3. Second from top: “Software Updates”
  4. It Should say: “iOS is up to date.” If not, follow prompts to complete the update.

Macbook:

  1. Click the Apple icon in the extreme top-left corner (it is always there, unless you are running an app on full screen.
  2. Click ‘About this Mac, at the top of the drop-down menu
  3. In the dialogue box that appears, click the button near the bottom-right which says “Software Update”
  4. You should see the words, “Your Mac is up to date.” If not, follow prompts to complete the update.
Click this button to ensure you are up to date.

WHY?

According to Apple:

Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

– Apple, Inc. https://support.apple.com/en-us/HT213414

That’s bad. Remote code execution means that a program running outside of your phone can tell your phone what to do.

Think of it like a castle: tall walls, lots of defenses and a king/queen inside giving orders.

Imposter enters, dressed like the king/queen and starts giving orders, too.

Common Vulnerability and exposure numbers: CVE-2022-32894 & CVE-2022-32893

REFERENCES  

[1] https://support.apple.com/en-us/HT201222

[2] https://www.bleepingcomputer.com/news/security/apple-releases-safari-1561-to-fix-zero-day-bug-used-in-attacks/

[3] https://nvd.nist.gov/vuln/detail/CVE-2022-32894

That’s all the time we have!

Don’t forget to check out our sponsor, and home of my day-job: SAFE Classroom, at http://www.thesafe.io

Thanks for listening

Published by

Unknown's avatar

David W. Schropfer

David W. Schropfer is a technology executive, author, and speaker with deep expertise in cybersecurity, artificial intelligence, and quantum computing. He currently serves as Executive Vice President of Operations at DomainSkate, where he leads growth for an AI-driven cybersecurity threat intelligence platform. As host of the DIY Cyber Guy podcast, David has conducted hundreds of interviews with global experts, making complex topics like ransomware, AI, and quantum risk accessible to business leaders and consumers. He has also moderated panels and delivered keynotes at major industry events, known for translating emerging technologies into actionable insights. David’s entrepreneurial track record includes founding AnchorID (SAFE), a patented zero-trust mobile security platform. He previously launched one of the first SaaS cloud products at SoftZoo.com, grew global telecom revenue at IDT, and advised Fortune 500 companies on mobile commerce and payments with The Luciano Group. He is the author of several books, including Digital Habits and The SmartPhone Wallet, which became an Amazon #1 bestseller in its category. David holds a Master of Business Administration from the University of Miami and a Bachelor of Arts from Boston College.