In addition, Apple has also rolled out a fix for a vulnerability affecting WebKit, the engine used by Safari, Mail and many other iOS and macOS apps. According to the company, it allows attackers to arbitrarily execute code and could hence be used to, among other things, download more malware. Like the first vulnerability, Apple credits an anonymous researcher for the discovery of this flaw — it also knows that it may have already been exploited and used to compromise iOS and Mac devices.
Both flaws are present in macOS Monterey 12.5.1, and Apple has rolled out a patch for the operating system. They both affect the same set of iPhones and iPads, as well, particularly: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later and iPod touch (7th generation). Since both flaws are likely being actively exploited right now, it’s probably wise for owners of all the aforementioned devices to install the patches by downloading the latest software update.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.