Apple is implementing a new security update for older devices that addresses a problematic bug that was recently patched in newer Apple devices.
The bug would allow threat actors to run malware on users’ devices by using arbitrary code with kernel privileges to bypass their security systems. The malware is then usually used to download spyware onto victims’ phones and collect personal information on them.
Spyware collects people’s most private information, like their financial information, logins and passwords, and sensitive personal information like addresses, phone numbers, confidential files, or anything else that it can use. Traditionally, information collected by spyware is sold on the black market for other threat actors to take advantage of.
In its last security update, Apple patched these vulnerabilities for newer devices, but older products were left unprotected.
Recently, Apple ramped up its efforts to backport patches into older versions of Apple products, which are still used by a large amount of their customer base. In this case, iOS 15.7.5 and iPadOS 15.7.5 both introduce fixes for the bugs that allow the actors to run the arbitrary code in older devices including, iPhone 6s, iPhone 7, iPhone SE, iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Several Mac products that were affected by the vulnerability also received patches, including macOS Big Sur getting its 11.7.6 update, and macOS Monterey received patch 12.6.5. These updates were introduced to patch the bug and keep them safe.
In both cases, users are instructed by Apply to update to the newest version whenever possible to make sure they can’t be afflicted by this bug and end up with malware on their devices. Apple notes that targeted attacks may have occurred as well, so if you do believe you’ve been affected by this bug before the patch, make sure to use your antivirus software to scan your device and make sure there’s no malware lingering in your files.