Apple has released a series of software updates for the iPhone and iPad that fix some vulnerabilities that have been exploited by cybercriminals.
In a technical support document, the tech giant explains that both iOS 15.6.1 and iPadOS 15.6.1 resolve security flaws in the kernel and WebKit, and that all devices that are still supported now receive these updates.
Therefore, iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later and iPod touch (7th generation) are getting OS updates, and everyone is encouraged to install them as soon as possible.
Regarding the kernel security flaw, Apple advises that it is already aware of the attacks that are currently being used to exploit this vulnerability.
An application can execute arbitrary code with kernel privileges. Apple is aware of a report indicating that this issue may have been actively exploited. Fixed an out-of-bounds write issue with improved bounds checking.
The second vulnerability affects WebKit, and Apple says the same devices are being targeted. Once again, it looks like the security hole is already being exploited.
Processing malicious web content may lead to arbitrary code execution. Apple is aware of a report indicating that this issue may have been actively exploited. Fixed an out-of-bounds write issue with improved bounds checking.
Since the vulnerabilities are already being used by malicious actors to attack iPhones and iPads, it goes without saying that users should prioritize patching and installing new updates as soon as possible.